Secure authentication for assistant systems

ABSTRACT

In one embodiment, a method includes receiving a first audio input from a user requesting access to information or a service, sending a request for the information or service to an authentication server, where the request includes first authentication information based on the first audio input and further includes a user identifier associated with the user, receiving a second audio input from a client system of the user, where the second audio input includes a first authentication code to be compared to a second authentication code generated by the authentication server, sending second authentication information based on the second audio input and the user identifier to the authentication server for verification, receiving, from the authentication server, an indication of whether the user is successfully authenticated based on the second authentication information, and providing, to the user, access to the information or service when the user is successfully authenticated.

PRIORITY

This application claims the benefit under 35 U.S.C. § 119(e) of U.S. Provisional Patent Application No. 62/660,876, filed 20 Apr. 2018, and also claims the benefit under 35 U.S.C. § 119(e) of U.S. Provisional Patent Application No. 62/675,090, filed 22 May 2018, each of which is incorporated by reference.

TECHNICAL FIELD

This disclosure generally relates to databases and file management within network environments, and in particular relates to hardware and software for smart assistant systems.

BACKGROUND

An assistant system can provide information or services on behalf of a user based on a combination of user input, location awareness, and the ability to access information from a variety of online sources (such as weather conditions, traffic congestion, news, stock prices, user schedules, retail prices, etc.). The user input may include text (e.g., online chat), especially in an instant messaging application or other applications, voice, images, or a combination of them. The assistant system may perform concierge-type services (e.g., making dinner reservations, purchasing event tickets, making travel arrangements) or provide information based on the user input. The assistant system may also perform management or data-handling tasks based on online information and events without user initiation or interaction. Examples of those tasks that may be performed by an assistant system may include schedule management (e.g., sending an alert to a dinner date that a user is running late due to traffic conditions, update schedules for both parties, and change the restaurant reservation time). The assistant system may be enabled by the combination of computing devices, application programming interfaces (APIs), and the proliferation of applications on user devices.

A social-networking system, which may include a social-networking website, may enable its users (such as persons or organizations) to interact with it and with each other through it. The social-networking system may, with input from a user, create and store in the social-networking system a user profile associated with the user. The user profile may include demographic information, communication-channel information, and information on personal interests of the user. The social-networking system may also, with input from a user, create and store a record of relationships of the user with other users of the social-networking system, as well as provide services (e.g. profile/news feed posts, photo-sharing, event organization, messaging, games, or advertisements) to facilitate social interaction between or among users.

The social-networking system may send over one or more networks content or messages related to its services to a mobile or other computing device of a user. A user may also install software applications on a mobile or other computing device of the user for accessing a user profile of the user and other data within the social-networking system. The social-networking system may generate a personalized set of content objects to display to a user, such as a newsfeed of aggregated stories of other users connected to the user.

SUMMARY OF PARTICULAR EMBODIMENTS

In particular embodiments, the assistant system may assist a user to obtain information or services. The assistant system may enable the user to interact with it with multi-modal user input (such as voice, text, image, video) in stateful and multi-turn conversations to get assistance. The assistant system may create and store a user profile comprising both personal and contextual information associated with the user. In particular embodiments, the assistant system may analyze the user input using natural-language understanding. The analysis may be based on the user profile for more personalized and context-aware understanding. The assistant system may resolve entities associated with the user input based on the analysis. In particular embodiments, the assistant system may interact with different agents to obtain information or services that are associated with the resolved entities. The assistant system may generate a response for the user regarding the information or services by using natural-language generation. Through the interaction with the user, the assistant system may use dialog management techniques to manage and forward the conversation flow with the user. In particular embodiments, the assistant system may further assist the user to effectively and efficiently digest the obtained information by summarizing the information. The assistant system may also assist the user to be more engaging with an online social network by providing tools that help the user interact with the online social network (e.g., creating posts, comments, messages). The assistant system may additionally assist the user to manage different tasks such as keeping track of events. In particular embodiments, the assistant system may proactively execute tasks that are relevant to user interests and preferences based on the user profile without a user input. In particular embodiments, the assistant system may check privacy settings to ensure that accessing a user's profile or other user information and executing different tasks are permitted subject to the user's privacy settings.

In particular embodiments, a user may request information or services from an assistant system via a voice input, and in response the assistant system may authenticate the user to verify the user's identity. If the authentication is successful, e.g., the user's identity is verified, then, subject to the user's privacy settings and any other applicable privacy settings, the assistant system may provide the requested information or services to the user. The provided information may be retrieved from a social-networking system, e.g., user profile information, information from a social graph, such as a list of the user friends, information about nearby places, or other information, e.g., weather forecasts, search results, and so on. The provided information may be from other sources, such as sources accessed by the assistant via interactions with agents. The provided services may include services performed by the social-networking system, e.g., reading and sending messages or newsfeed entries, scheduling meetings, sharing information with friends, and so on. The provided services may include services performed by third-party systems, e.g., home automation services such as controlling lights, thermostats, televisions, and other devices, Internet-based services such as online video streaming, making reservations for restaurants or events, and other services that may be obtained by the assistant via interactions with agents.

In particular embodiments, the assistant system may receive a request to access information or services from a user via voice or other input modality, and authenticate the user by (a) using a first type of communication, which may be a secure network connection between the user's client system and the assistant system to securely send an authentication code to the user's client system and (b) using a second type of communication, which may use an audio speaker of the assistant system to generate audio containing the authentication code and a microphone of the client system to receive the authentication code. The assistant system may use the authentication code received from the client system to authenticate the user of the client system by, for example, submitting the authentication code to an authentication server, which may compare the received authentication code to the authentication code previously sent to the client system. If the received authentication code matches the previously-sent authentication code, then the user's identity may be successfully authenticated. Other second types of communication are possible as well, e.g., radio communication such as BLUETOOTH or Near-Field Communication (NFC). The request for information or services may be received by the assistant system as a voice input or other type of audio input. The information or services may be public or private (e.g., information subject to privacy settings in a social-networking system).

The embodiments disclosed herein are only examples, and the scope of this disclosure is not limited to them. Particular embodiments may include all, some, or none of the components, elements, features, functions, operations, or steps of the embodiments disclosed above. Embodiments according to the invention are in particular disclosed in the attached claims directed to a method, a storage medium, a system and a computer program product, wherein any feature mentioned in one claim category, e.g. method, can be claimed in another claim category, e.g. system, as well. The dependencies or references back in the attached claims are chosen for formal reasons only. However any subject matter resulting from a deliberate reference back to any previous claims (in particular multiple dependencies) can be claimed as well, so that any combination of claims and the features thereof are disclosed and can be claimed regardless of the dependencies chosen in the attached claims. The subject-matter which can be claimed comprises not only the combinations of features as set out in the attached claims but also any other combination of features in the claims, wherein each feature mentioned in the claims can be combined with any other feature or combination of other features in the claims. Furthermore, any of the embodiments and features described or depicted herein can be claimed in a separate claim and/or in any combination with any embodiment or feature described or depicted herein or with any of the features of the attached claims.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates an example network environment associated with an assistant system.

FIG. 2 illustrates an example architecture of the assistant system.

FIG. 3 illustrates an example diagram flow of responding to a user request by the assistant system.

FIG. 4 illustrates an example diagram flow of authenticating a user by the assistant system.

FIGS. 5A and 5B illustrate example interaction diagrams of authentication using the assistant system.

FIG. 6 illustrates an example method for authentication using the assistant system.

FIG. 7 illustrates an example social graph.

FIG. 8 illustrates an example view of an embedding space.

FIG. 9 illustrates an example artificial neural network.

FIG. 10 illustrates an example computer system.

DESCRIPTION OF EXAMPLE EMBODIMENTS

System Overview

FIG. 1 illustrates an example network environment 100 associated with an assistant system. Network environment 100 includes a client system 130, an assistant system 140, a social-networking system 160, and a third-party system 170 connected to each other by a network 110. Although FIG. 1 illustrates a particular arrangement of a client system 130, an assistant system 140, a social-networking system 160, a third-party system 170, and a network 110, this disclosure contemplates any suitable arrangement of a client system 130, an assistant system 140, a social-networking system 160, a third-party system 170, and a network 110. As an example and not by way of limitation, two or more of a client system 130, a social-networking system 160, an assistant system 140, and a third-party system 170 may be connected to each other directly, bypassing a network 110. As another example, two or more of a client system 130, an assistant system 140, a social-networking system 160, and a third-party system 170 may be physically or logically co-located with each other in whole or in part. Moreover, although FIG. 1 illustrates a particular number of client systems 130, assistant systems 140, social-networking systems 160, third-party systems 170, and networks 110, this disclosure contemplates any suitable number of client systems 130, assistant systems 140, social-networking systems 160, third-party systems 170, and networks 110. As an example and not by way of limitation, network environment 100 may include multiple client systems 130, assistant systems 140, social-networking systems 160, third-party systems 170, and networks 110.

This disclosure contemplates any suitable network 110. As an example and not by way of limitation, one or more portions of a network 110 may include an ad hoc network, an intranet, an extranet, a virtual private network (VPN), a local area network (LAN), a wireless LAN (WLAN), a wide area network (WAN), a wireless WAN (WWAN), a metropolitan area network (MAN), a portion of the Internet, a portion of the Public Switched Telephone Network (PSTN), a cellular telephone network, or a combination of two or more of these. A network 110 may include one or more networks 110.

Links 150 may connect a client system 130, an assistant system 140, a social-networking system 160, and a third-party system 170 to a communication network 110 or to each other. This disclosure contemplates any suitable links 150. In particular embodiments, one or more links 150 include one or more wireline (such as for example Digital Subscriber Line (DSL) or Data Over Cable Service Interface Specification (DOCSIS)), wireless (such as for example Wi-Fi or Worldwide Interoperability for Microwave Access (WiMAX)), or optical (such as for example Synchronous Optical Network (SONET) or Synchronous Digital Hierarchy (SDH)) links. In particular embodiments, one or more links 150 each include an ad hoc network, an intranet, an extranet, a VPN, a LAN, a WLAN, a WAN, a WWAN, a MAN, a portion of the Internet, a portion of the PSTN, a cellular technology-based network, a satellite communications technology-based network, another link 150, or a combination of two or more such links 150. Links 150 need not necessarily be the same throughout a network environment 100. One or more first links 150 may differ in one or more respects from one or more second links 150.

In particular embodiments, a client system 130 may be an electronic device including hardware, software, or embedded logic components or a combination of two or more such components and capable of carrying out the appropriate functionalities implemented or supported by a client system 130. As an example and not by way of limitation, a client system 130 may include a computer system such as a desktop computer, notebook or laptop computer, netbook, a tablet computer, e-book reader, GPS device, camera, personal digital assistant (PDA), handheld electronic device, cellular telephone, smartphone, smart speaker, other suitable electronic device, or any suitable combination thereof. In particular embodiments, the client system 130 may be a smart assistant device. More information on smart assistant devices may be found in U.S. patent application Ser. No. 15/949,011, filed 9 Apr. 2018, U.S. Patent Application No. 62/655,751, filed 10 Apr. 2018, U.S. Design patent application No. 29/631910, filed 3 Jan. 2018, U.S. Design patent application No. 29/631747, filed 2 Jan. 2018, U.S. Design patent application No. 29/631913, filed 3 Jan. 2018, and U.S. Design patent application No. 29/631914, filed 3 Jan. 2018, each of which is incorporated by reference. This disclosure contemplates any suitable client systems 130. A client system 130 may enable a network user at a client system 130 to access a network 110. A client system 130 may enable its user to communicate with other users at other client systems 130.

In particular embodiments, a client system 130 may include a web browser 132, such as MICROSOFT INTERNET EXPLORER, GOOGLE CHROME or MOZILLA FIREFOX, and may have one or more add-ons, plug-ins, or other extensions, such as TOOLBAR or YAHOO TOOLBAR. A user at a client system 130 may enter a Uniform Resource Locator (URL) or other address directing a web browser 132 to a particular server (such as server 162, or a server associated with a third-party system 170), and the web browser 132 may generate a Hyper Text Transfer Protocol (HTTP) request and communicate the HTTP request to server. The server may accept the HTTP request and communicate to a client system 130 one or more Hyper Text Markup Language (HTML) files responsive to the HTTP request. The client system 130 may render a web interface (e.g. a webpage) based on the HTML files from the server for presentation to the user. This disclosure contemplates any suitable source files. As an example and not by way of limitation, a web interface may be rendered from HTML files, Extensible Hyper Text Markup Language (XHTML) files, or Extensible Markup Language (XML) files, according to particular needs. Such interfaces may also execute scripts such as, for example and without limitation, those written in JAVASCRIPT, JAVA, MICROSOFT SILVERLIGHT, combinations of markup language and scripts such as AJAX (Asynchronous JAVASCRIPT and XML), and the like. Herein, reference to a web interface encompasses one or more corresponding source files (which a browser may use to render the web interface) and vice versa, where appropriate.

In particular embodiments, a client system 130 may include a social-networking application 134 installed on the client system 130. A user at a client system 130 may use the social-networking application 134 to access on online social network. The user at the client system 130 may use the social-networking application 134 to communicate with the user's social connections (e.g., friends, followers, followed accounts, contacts, etc.). The user at the client system 130 may also use the social-networking application 134 to interact with a plurality of content objects (e.g., posts, news articles, ephemeral content, etc.) on the online social network. As an example and not by way of limitation, the user may browse trending topics and breaking news using the social-networking application 134.

In particular embodiments, a client system 130 may include an assistant application 136. A user at a client system 130 may use the assistant application 136 to interact with the assistant system 140. In particular embodiments, the assistant application 136 may comprise a stand-alone application. In particular embodiments, the assistant application 136 may be integrated into the social-networking application 134 or another suitable application (e.g., a messaging application). In particular embodiments, the assistant application 136 may be also integrated into the client system 130, an assistant hardware device, or any other suitable hardware devices. In particular embodiments, the assistant application 136 may be accessed via the web browser 132. In particular embodiments, the user may provide input via different modalities. As an example and not by way of limitation, the modalities may include audio, text, image, video, etc. The assistant application 136 may communicate the user input to the assistant system 140. Based on the user input, the assistant system 140 may generate responses. The assistant system 140 may send the generated responses to the assistant application 136. The assistant application 136 may then present the responses to the user at the client system 130. The presented responses may be based on different modalities such as audio, text, image, and video. As an example and not by way of limitation, the user may verbally ask the assistant application 136 about the traffic information (i.e., via an audio modality). The assistant application 136 may then communicate the request to the assistant system 140. The assistant system 140 may accordingly generate the result and send it back to the assistant application 136. The assistant application 136 may further present the result to the user in text.

In particular embodiments, an assistant system 140 may assist users to retrieve information from different sources. The assistant system 140 may also assist user to request services from different service providers. In particular embodiments, the assist system 140 may receive a user request for information or services via the assistant application 136 in the client system 130. The assist system 140 may use natural-language understanding to analyze the user request based on user's profile and other relevant information. The result of the analysis may comprise different entities associated with an online social network. The assistant system 140 may then retrieve information or request services associated with these entities. In particular embodiments, the assistant system 140 may interact with the social-networking system 160 and/or third-party system 170 when retrieving information or requesting services for the user. In particular embodiments, the assistant system 140 may generate a personalized communication content for the user using natural-language generating techniques. The personalized communication content may comprise, for example, the retrieved information or the status of the requested services. In particular embodiments, the assistant system 140 may enable the user to interact with it regarding the information or services in a stateful and multi-turn conversation by using dialog-management techniques. The functionality of the assistant system 140 is described in more detail in the discussion of FIG. 2 below.

In particular embodiments, the social-networking system 160 may be a network-addressable computing system that can host an online social network. The social-networking system 160 may generate, store, receive, and send social-networking data, such as, for example, user-profile data, concept-profile data, social-graph information, or other suitable data related to the online social network. The social-networking system 160 may be accessed by the other components of network environment 100 either directly or via a network 110. As an example and not by way of limitation, a client system 130 may access the social-networking system 160 using a web browser 132, or a native application associated with the social-networking system 160 (e.g., a mobile social-networking application, a messaging application, another suitable application, or any combination thereof) either directly or via a network 110. In particular embodiments, the social-networking system 160 may include one or more servers 162. Each server 162 may be a unitary server or a distributed server spanning multiple computers or multiple datacenters. Servers 162 may be of various types, such as, for example and without limitation, web server, news server, mail server, message server, advertising server, file server, application server, exchange server, database server, proxy server, another server suitable for performing functions or processes described herein, or any combination thereof. In particular embodiments, each server 162 may include hardware, software, or embedded logic components or a combination of two or more such components for carrying out the appropriate functionalities implemented or supported by server 162. In particular embodiments, the social-networking system 160 may include one or more data stores 164. Data stores 164 may be used to store various types of information. In particular embodiments, the information stored in data stores 164 may be organized according to specific data structures. In particular embodiments, each data store 164 may be a relational, columnar, correlation, or other suitable database. Although this disclosure describes or illustrates particular types of databases, this disclosure contemplates any suitable types of databases. Particular embodiments may provide interfaces that enable a client system 130, a social-networking system 160, or a third-party system 170 to manage, retrieve, modify, add, or delete, the information stored in data store 164.

In particular embodiments, the social-networking system 160 may store one or more social graphs in one or more data stores 164. In particular embodiments, a social graph may include multiple nodes—which may include multiple user nodes (each corresponding to a particular user) or multiple concept nodes (each corresponding to a particular concept)—and multiple edges connecting the nodes. The social-networking system 160 may provide users of the online social network the ability to communicate and interact with other users. In particular embodiments, users may join the online social network via the social-networking system 160 and then add connections (e.g., relationships) to a number of other users of the social-networking system 160 whom they want to be connected to. Herein, the term “friend” may refer to any other user of the social-networking system 160 with whom a user has formed a connection, association, or relationship via the social-networking system 160.

In particular embodiments, the social-networking system 160 may provide users with the ability to take actions on various types of items or objects, supported by the social-networking system 160. As an example and not by way of limitation, the items and objects may include groups or social networks to which users of the social-networking system 160 may belong, events or calendar entries in which a user might be interested, computer-based applications that a user may use, transactions that allow users to buy or sell items via the service, interactions with advertisements that a user may perform, or other suitable items or objects. A user may interact with anything that is capable of being represented in the social-networking system 160 or by an external system of a third-party system 170, which is separate from the social-networking system 160 and coupled to the social-networking system 160 via a network 110.

In particular embodiments, the social-networking system 160 may be capable of linking a variety of entities. As an example and not by way of limitation, the social-networking system 160 may enable users to interact with each other as well as receive content from third-party systems 170 or other entities, or to allow users to interact with these entities through an application programming interfaces (API) or other communication channels.

In particular embodiments, a third-party system 170 may include one or more types of servers, one or more data stores, one or more interfaces, including but not limited to APIs, one or more web services, one or more content sources, one or more networks, or any other suitable components, e.g., that servers may communicate with. A third-party system 170 may be operated by a different entity from an entity operating the social-networking system 160. In particular embodiments, however, the social-networking system 160 and third-party systems 170 may operate in conjunction with each other to provide social-networking services to users of the social-networking system 160 or third-party systems 170. In this sense, the social-networking system 160 may provide a platform, or backbone, which other systems, such as third-party systems 170, may use to provide social-networking services and functionality to users across the Internet.

In particular embodiments, a third-party system 170 may include a third-party content object provider. A third-party content object provider may include one or more sources of content objects, which may be communicated to a client system 130. As an example and not by way of limitation, content objects may include information regarding things or activities of interest to the user, such as, for example, movie show times, movie reviews, restaurant reviews, restaurant menus, product information and reviews, or other suitable information. As another example and not by way of limitation, content objects may include incentive content objects, such as coupons, discount tickets, gift certificates, or other suitable incentive objects.

In particular embodiments, the social-networking system 160 also includes user-generated content objects, which may enhance a user's interactions with the social-networking system 160. User-generated content may include anything a user can add, upload, send, or “post” to the social-networking system 160. As an example and not by way of limitation, a user communicates posts to the social-networking system 160 from a client system 130. Posts may include data such as status updates or other textual data, location information, photos, videos, links, music or other similar data or media. Content may also be added to the social-networking system 160 by a third-party through a “communication channel,” such as a newsfeed or stream.

In particular embodiments, the social-networking system 160 may include a variety of servers, sub-systems, programs, modules, logs, and data stores. In particular embodiments, the social-networking system 160 may include one or more of the following: a web server, action logger, API-request server, relevance-and-ranking engine, content-object classifier, notification controller, action log, third-party-content-object-exposure log, inference module, authorization/privacy server, search module, advertisement-targeting module, user-interface module, user-profile store, connection store, third-party content store, or location store. The social-networking system 160 may also include suitable components such as network interfaces, security mechanisms, load balancers, failover servers, management-and-network-operations consoles, other suitable components, or any suitable combination thereof. In particular embodiments, the social-networking system 160 may include one or more user-profile stores for storing user profiles. A user profile may include, for example, biographic information, demographic information, behavioral information, social information, or other types of descriptive information, such as work experience, educational history, hobbies or preferences, interests, affinities, or location. Interest information may include interests related to one or more categories. Categories may be general or specific. As an example and not by way of limitation, if a user “likes” an article about a brand of shoes the category may be the brand, or the general category of “shoes” or “clothing.” A connection store may be used for storing connection information about users. The connection information may indicate users who have similar or common work experience, group memberships, hobbies, educational history, or are in any way related or share common attributes. The connection information may also include user-defined connections between different users and content (both internal and external). A web server may be used for linking the social-networking system 160 to one or more client systems 130 or one or more third-party systems 170 via a network 110. The web server may include a mail server or other messaging functionality for receiving and routing messages between the social-networking system 160 and one or more client systems 130. An API-request server may allow a third-party system 170 to access information from the social-networking system 160 by calling one or more APIs. An action logger may be used to receive communications from a web server about a user's actions on or off the social-networking system 160. In conjunction with the action log, a third-party-content-object log may be maintained of user exposures to third-party-content objects. A notification controller may provide information regarding content objects to a client system 130. Information may be pushed to a client system 130 as notifications, or information may be pulled from a client system 130 responsive to a request received from a client system 130. Authorization servers may be used to enforce one or more privacy settings of the users of the social-networking system 160. A privacy setting of a user determines how particular information associated with a user can be shared. The authorization server may allow users to opt in to or opt out of having their actions logged by the social-networking system 160 or shared with other systems (e.g., a third-party system 170), such as, for example, by setting appropriate privacy settings. Third-party-content-object stores may be used to store content objects received from third parties, such as a third-party system 170. Location stores may be used for storing location information received from client systems 130 associated with users. Advertisement-pricing modules may combine social information, the current time, location information, or other suitable information to provide relevant advertisements, in the form of notifications, to a user.

Assistant Systems

FIG. 2 illustrates an example architecture of the assistant system 140. In particular embodiments, the assistant system 140 may assist a user to obtain information or services. The assistant system 140 may enable the user to interact with it with multi-modal user input (such as voice, text, image, video) in stateful and multi-turn conversations to get assistance. The assistant system 140 may create and store a user profile comprising both personal and contextual information associated with the user. In particular embodiments, the assistant system 140 may analyze the user input using natural-language understanding. The analysis may be based on the user profile for more personalized and context-aware understanding. The assistant system 140 may resolve entities associated with the user input based on the analysis. In particular embodiments, the assistant system 140 may interact with different agents to obtain information or services that are associated with the resolved entities. The assistant system 140 may generate a response for the user regarding the information or services by using natural-language generation. Through the interaction with the user, the assistant system 140 may use dialog management techniques to manage and forward the conversation flow with the user. In particular embodiments, the assistant system 140 may further assist the user to effectively and efficiently digest the obtained information by summarizing the information. The assistant system 140 may also assist the user to be more engaging with an online social network by providing tools that help the user interact with the online social network (e.g., creating posts, comments, messages). The assistant system 140 may additionally assist the user to manage different tasks such as keeping track of events. In particular embodiments, the assistant system 140 may proactively execute pre-authorized tasks that are relevant to user interests and preferences based on the user profile, at a time relevant for the user, without a user input. In particular embodiments, the assistant system 140 may check privacy settings to ensure that accessing a user's profile or other user information and executing different tasks are permitted subject to the user's privacy settings. More information on assisting users subject to privacy settings may be found in U.S. Patent Application No. 62/675,090, filed 22 May 2018, which is incorporated by reference.

In particular embodiments, the assistant system 140 may receive a user input from the assistant application 136 in the client system 130 associated with the user. In particular embodiments, the user input may be a user generated input that is sent to the assistant system 140 in a single turn. If the user input is based on a text modality, the assistant system 140 may receive it at a messaging platform 205. If the user input is based on an audio modality (e.g., the user may speak to the assistant application 136 or send a video including speech to the assistant application 136), the assistant system 140 may process it using an audio speech recognition (ASR) module 210 to convert the user input into text. If the user input is based on an image or video modality, the assistant system 140 may process it using optical character recognition techniques within the messaging platform 205 to convert the user input into text. The output of the messaging platform 205 or the ASR module 210 may be received at an assistant xbot 215. More information on handling user input based on different modalities may be found in U.S. patent application Ser. No. 16/053,600, filed 2 Aug. 2018, which is incorporated by reference.

In particular embodiments, the assistant xbot 215 may be a type of chat bot. The assistant xbot 215 may comprise a programmable service channel, which may be a software code, logic, or routine that functions as a personal assistant to the user. The assistant xbot 215 may work as the user's portal to the assistant system 140. The assistant xbot 215 may therefore be considered as a type of conversational agent. In particular embodiments, the assistant xbot 215 may send the textual user input to a natural-language understanding (NLU) module 220 to interpret the user input. In particular embodiments, the NLU module 220 may get information from a user context engine 225 and a semantic information aggregator 230 to accurately understand the user input. The user context engine 225 may store the user profile of the user. The user profile of the user may comprise user-profile data including demographic information, social information, and contextual information associated with the user. The user-profile data may also include user interests and preferences on a plurality of topics, aggregated through conversations on news feed, search logs, messaging platform 205, etc. The usage of a user profile may be protected behind a privacy check module 245 to ensure that a user's information can be used only for his/her benefit, and not shared with anyone else. More information on user profiles may be found in U.S. patent application Ser. No. 15/967,239, filed 30 Apr. 2018, which is incorporated by reference. The semantic information aggregator 230 may provide ontology data associated with a plurality of predefined domains, intents, and slots to the NLU module 220. In particular embodiments, a domain may denote a social context of interaction, e.g., education. An intent may be an element in a pre-defined taxonomy of semantic intentions, which may indicate a purpose of a user interacting with the assistant system 140. In particular embodiments, an intent may be an output of the NLU module 220 if the user input comprises a text/speech input. The NLU module 220 may classify the text/speech input into a member of the pre-defined taxonomy, e.g., for the input “Play Beethoven's 5th,” the NLU module 220 may classify the input as having the intent [intent:play_music]. In particular embodiments, a domain may be conceptually a namespace for a set of intents, e.g., music. A slot may be a named sub-string with the user input, representing a basic semantic entity. For example, a slot for “pizza” may be [slot:dish]. In particular embodiments, a set of valid or expected named slots may be conditioned on the classified intent. As an example and not by way of limitation, for [intent:play_music], a slot may be [slot:song_name]. The semantic information aggregator 230 may additionally extract information from a social graph, a knowledge graph, and a concept graph, and retrieve a user's profile from the user context engine 225. The semantic information aggregator 230 may further process information from these different sources by determining what information to aggregate, annotating n-grams of the user input, ranking the n-grams with confidence scores based on the aggregated information, formulating the ranked n-grams into features that can be used by the NLU module 220 for understanding the user input. More information on aggregating semantic information may be found in U.S. patent application Ser. No. 15/967,342, filed 30 Apr. 2018, which is incorporated by reference. Based on the output of the user context engine 225 and the semantic information aggregator 230, the NLU module 220 may identify a domain, an intent, and one or more slots from the user input in a personalized and context-aware manner. In particular embodiments, the NLU module 220 may comprise a lexicon of language and a parser and grammar rules to partition sentences into an internal representation. The NLU module 220 may also comprise one or more programs that perform naive semantics or stochastic semantic analysis to the use of pragmatics to understand a user input. In particular embodiments, the parser may be based on a deep learning architecture comprising multiple long-short term memory (LSTM) networks. As an example and not by way of limitation, the parser may be based on a recurrent neural network grammar (RNNG) model, which is a type of recurrent and recursive LSTM algorithm. More information on natural-language understanding may be found in U.S. patent application Ser. No. 16/011,062, filed 18 Jun. 2018, U.S. patent application Ser. No. 16/025,317, filed 2 Jul. 2018, and U.S. patent application Ser. No. 16/038,120, filed 17 Jul. 2018, each of which is incorporated by reference.

In particular embodiments, the identified domain, intent, and one or more slots from the NLU module 220 may be sent to a dialog engine 235. In particular embodiments, the dialog engine 235 may manage the dialog state and flow of the conversation between the user and the assistant xbot 215. The dialog engine 235 may additionally store previous conversations between the user and the assistant xbot 215. In particular embodiments, the dialog engine 235 may communicate with an entity resolution module 240 to resolve entities associated with the one or more slots, which supports the dialog engine 235 to forward the flow of the conversation between the user and the assistant xbot 215. In particular embodiments, the entity resolution module 240 may access the social graph, the knowledge graph, and the concept graph when resolving the entities. Entities may include, for example, unique users or concepts, each of which may have a unique identifier (ID). As an example and not by way of limitation, the knowledge graph may comprise a plurality of entities. Each entity may comprise a single record associated with one or more attribute values. The particular record may be associated with a unique entity identifier. Each record may have diverse values for an attribute of the entity. Each attribute value may be associated with a confidence probability. A confidence probability for an attribute value represents a probability that the value is accurate for the given attribute. Each attribute value may be also associated with a semantic weight. A semantic weight for an attribute value may represent how the value semantically appropriate for the given attribute considering all the available information. For example, the knowledge graph may comprise an entity of a movie “The Martian” (2015), which includes information that has been extracted from multiple content sources (e.g., movie review sources, media databases, and entertainment content sources), and then deduped, resolved, and fused to generate the single unique record for the knowledge graph. The entity may be associated with a space attribute value which indicates the genre of the movie “The Martian” (2015). More information on the knowledge graph may be found in U.S. patent application Ser. No. 16/048,049, filed 27 Jul. 2018, and U.S. patent application Ser. No. 16/048,101, filed 27 Jul. 2018, each of which is incorporated by reference. The entity resolution module 240 may additionally request a user profile of the user associated with the user input from the user context engine 225. In particular embodiments, the entity resolution module 240 may communicate with a privacy check module 245 to guarantee that the resolving of the entities does not violate privacy policies. In particular embodiments, the privacy check module 245 may use an authorization/privacy server to enforce privacy policies. As an example and not by way of limitation, an entity to be resolved may be another user who specifies in his/her privacy settings that his/her identity should not be searchable on the online social network, and thus the entity resolution module 240 may not return that user's identifier in response to a request. Based on the information obtained from the social graph, knowledge graph, concept graph, and user profile, and subject to applicable privacy policies, the entity resolution module 240 may therefore accurately resolve the entities associated with the user input in a personalized and context-aware manner. In particular embodiments, each of the resolved entities may be associated with one or more identifiers hosted by the social-networking system 160. As an example and not by way of limitation, an identifier may comprise a unique user identifier (ID). In particular embodiments, each of the resolved entities may be also associated with a confidence score. More information on resolving entities may be found in U.S. patent application Ser. No. 16/048,049, filed 27 Jul. 2018, and U.S. patent application Ser. No. 16/048,072, filed 27 Jul. 2018, each of which is incorporated by reference.

In particular embodiments, the dialog engine 235 may communicate with different agents based on the identified intent and domain, and the resolved entities. In particular embodiments, an agent may be an implementation that serves as a broker across a plurality of content providers for one domain. A content provider may be an entity responsible for carrying out an action associated with an intent or completing a task associated with the intent. As an example and not by way of limitation, multiple device-specific implementations (e.g., real-time calls for a client system 130 or a messaging application on the client system 130) may be handled internally by a single agent. Alternatively, these device-specific implementations may be handled by multiple agents associated with multiple domains. In particular embodiments, the agents may comprise first-party agents 250 and third-party agents 255. In particular embodiments, first-party agents 250 may comprise internal agents that are accessible and controllable by the assistant system 140 (e.g. agents associated with services provided by the online social network). In particular embodiments, third-party agents 255 may comprise external agents that the assistant system 140 has no control over (e.g., music streams agents, ticket sales agents). The first-party agents 250 may be associated with first-party providers 260 that provide content objects and/or services hosted by the social-networking system 160. The third-party agents 255 may be associated with third-party providers 265 that provide content objects and/or services hosted by the third-party system 170.

In particular embodiments, the communication from the dialog engine 235 to the first-party agents 250 may comprise requesting particular content objects and/or services provided by the first-party providers 260. As a result, the first-party agents 250 may retrieve the requested content objects from the first-party providers 260 and/or execute tasks that command the first-party providers 260 to perform the requested services. In particular embodiments, the communication from the dialog engine 235 to the third-party agents 255 may comprise requesting particular content objects and/or services provided by the third-party providers 265. As a result, the third-party agents 255 may retrieve the requested content objects from the third-party providers 265 and/or execute tasks that command the third-party providers 265 to perform the requested services. The third-party agents 255 may access the privacy check module 245 to guarantee no privacy violations before interacting with the third-party providers 265. As an example and not by way of limitation, the user associated with the user input may specify in his/her privacy settings that his/her profile information is invisible to any third-party content providers. Therefore, when retrieving content objects associated with the user input from the third-party providers 265, the third-party agents 255 may complete the retrieval without revealing to the third-party providers 265 which user is requesting the content objects.

In particular embodiments, each of the first-party agents 250 or third-party agents 255 may be designated for a particular domain. As an example and not by way of limitation, the domain may comprise weather, transportation, music, etc. In particular embodiments, the assistant system 140 may use a plurality of agents collaboratively to respond to a user input. As an example and not by way of limitation, the user input may comprise “direct me to my next meeting.” The assistant system 140 may use a calendar agent to retrieve the location of the next meeting. The assistant system 140 may then use a navigation agent to direct the user to the next meeting.

In particular embodiments, each of the first-party agents 250 or third-party agents 255 may retrieve a user profile from the user context engine 225 to execute tasks in a personalized and context-aware manner. As an example and not by way of limitation, a user input may comprise “book me a ride to the airport.” A transportation agent may execute the task of booking the ride. The transportation agent may retrieve the user profile of the user from the user context engine 225 before booking the ride. For example, the user profile may indicate that the user prefers taxis, so the transportation agent may book a taxi for the user. As another example, the contextual information associated with the user profile may indicate that the user is in a hurry so the transportation agent may book a ride from a ride-sharing service for the user since it may be faster to get a car from a ride-sharing service than a taxi company. In particular embodiment, each of the first-party agents 250 or third-party agents 255 may take into account other factors when executing tasks. As an example and not by way of limitation, other factors may comprise price, rating, efficiency, partnerships with the online social network, etc.

In particular embodiments, the dialog engine 235 may communicate with a conversational understanding composer (CU composer) 270. The dialog engine 235 may send the requested content objects and/or the statuses of the requested services to the CU composer 270. In particular embodiments, the dialog engine 235 may send the requested content objects and/or the statuses of the requested services as a <k, c, u, d> tuple, in which k indicates a knowledge source, c indicates a communicative goal, u indicates a user model, and d indicates a discourse model. In particular embodiments, the CU composer 270 may comprise a natural-language generator (NLG) 271 and a user interface (UI) payload generator 272. The natural-language generator 271 may generate a communication content based on the output of the dialog engine 235. In particular embodiments, the NLG 271 may comprise a content determination component, a sentence planner, and a surface realization component. The content determination component may determine the communication content based on the knowledge source, communicative goal, and the user's expectations. As an example and not by way of limitation, the determining may be based on a description logic. The description logic may comprise, for example, three fundamental notions which are individuals (representing objects in the domain), concepts (describing sets of individuals), and roles (representing binary relations between individuals or concepts). The description logic may be characterized by a set of constructors that allow the natural-language generator 271 to build complex concepts/roles from atomic ones. In particular embodiments, the content determination component may perform the following tasks to determine the communication content. The first task may comprise a translation task, in which the input to the natural-language generator 271 may be translated to concepts. The second task may comprise a selection task, in which relevant concepts may be selected among those resulted from the translation task based on the user model. The third task may comprise a verification task, in which the coherence of the selected concepts may be verified. The fourth task may comprise an instantiation task, in which the verified concepts may be instantiated as an executable file that can be processed by the natural-language generator 271. The sentence planner may determine the organization of the communication content to make it human understandable. The surface realization component may determine specific words to use, the sequence of the sentences, and the style of the communication content. The UI payload generator 272 may determine a preferred modality of the communication content to be presented to the user. In particular embodiments, the CU composer 270 may communicate with the privacy check module 245 to make sure the generation of the communication content follows the privacy policies. In particular embodiments, the CU composer 270 may retrieve a user profile from the user context engine 225 when generating the communication content and determining the modality of the communication content. As a result, the communication content may be more natural, personalized, and context-aware for the user. As an example and not by way of limitation, the user profile may indicate that the user likes short sentences in conversations so the generated communication content may be based on short sentences. As another example and not by way of limitation, the contextual information associated with the user profile may indicated that the user is using a device that only outputs audio signals so the UI payload generator 272 may determine the modality of the communication content as audio. More information on natural-language generation may be found in U.S. patent application Ser. No. 15/967,279, filed 30 Apr. 2018, and U.S. patent application Ser. No. 15/966,455, filed 30 Apr. 2018, each of which is incorporated by reference.

In particular embodiments, the CU composer 270 may send the generated communication content to the assistant xbot 215. In particular embodiments, the assistant xbot 215 may send the communication content to the messaging platform 205. The messaging platform 205 may further send the communication content to the client system 130 via the assistant application 136. In alternative embodiments, the assistant xbot 215 may send the communication content to a text-to-speech (TTS) module 275. The TTS module 275 may convert the communication content to an audio clip. The TTS module 275 may further send the audio clip to the client system 130 via the assistant application 136.

In particular embodiments, the assistant xbot 215 may interact with a proactive inference layer 280 without receiving a user input. The proactive inference layer 280 may infer user interests and preferences based on the user profile that is retrieved from the user context engine 225. In particular embodiments, the proactive inference layer 280 may further communicate with proactive agents 285 regarding the inference. The proactive agents 285 may execute proactive tasks based on the inference. As an example and not by way of limitation, the proactive tasks may comprise sending content objects or providing services to the user. In particular embodiments, each proactive task may be associated with an agenda item. The agenda item may comprise a recurring item such as a daily digest. The agenda item may also comprise a one-time item. In particular embodiments, a proactive agent 285 may retrieve the user profile from the user context engine 225 when executing the proactive task. Therefore, the proactive agent 285 may execute the proactive task in a personalized and context-aware manner. As an example and not by way of limitation, the proactive inference layer may infer that the user likes the band Maroon 5 and the proactive agent 285 may generate a recommendation of Maroon 5's new song/album to the user.

In particular embodiments, the proactive agent 285 may generate candidate entities associated with the proactive task based on a user profile. The generation may be based on a straightforward backend query using deterministic filters to retrieve the candidate entities from a structured data store. The generation may be alternatively based on a machine-learning model that is trained based on the user profile, entity attributes, and relevance between users and entities. As an example and not by way of limitation, the machine-learning model may be based on support vector machines (SVM). As another example and not by way of limitation, the machine-learning model may be based on a regression model. As another example and not by way of limitation, the machine-learning model may be based on a deep convolutional neural network (DCNN). In particular embodiments, the proactive agent 285 may also rank the generated candidate entities based on the user profile and the content associated with the candidate entities. The ranking may be based on the similarities between a user's interests and the candidate entities. As an example and not by way of limitation, the assistant system 140 may generate a feature vector representing a user's interest and feature vectors representing the candidate entities. The assistant system 140 may then calculate similarity scores (e.g., based on cosine similarity) between the feature vector representing the user's interest and the feature vectors representing the candidate entities. The ranking may be alternatively based on a ranking model that is trained based on user feedback data.

In particular embodiments, the proactive task may comprise recommending the candidate entities to a user. The proactive agent 285 may schedule the recommendation, thereby associating a recommendation time with the recommended candidate entities. The recommended candidate entities may be also associated with a priority and an expiration time. In particular embodiments, the recommended candidate entities may be sent to a proactive scheduler. The proactive scheduler may determine an actual time to send the recommended candidate entities to the user based on the priority associated with the task and other relevant factors (e.g., clicks and impressions of the recommended candidate entities). In particular embodiments, the proactive scheduler may then send the recommended candidate entities with the determined actual time to an asynchronous tier. The asynchronous tier may temporarily store the recommended candidate entities as a job. In particular embodiments, the asynchronous tier may send the job to the dialog engine 235 at the determined actual time for execution. In alternative embodiments, the asynchronous tier may execute the job by sending it to other surfaces (e.g., other notification services associated with the social-networking system 160). In particular embodiments, the dialog engine 235 may identify the dialog intent, state, and history associated with the user. Based on the dialog intent, the dialog engine 235 may select some candidate entities among the recommended candidate entities to send to the client system 130. In particular embodiments, the dialog state and history may indicate if the user is engaged in an ongoing conversation with the assistant xbot 215. If the user is engaged in an ongoing conversation and the priority of the task of recommendation is low, the dialog engine 235 may communicate with the proactive scheduler to reschedule a time to send the selected candidate entities to the client system 130. If the user is engaged in an ongoing conversation and the priority of the task of recommendation is high, the dialog engine 235 may initiate a new dialog session with the user in which the selected candidate entities may be presented. As a result, the interruption of the ongoing conversation may be prevented. When it is determined that sending the selected candidate entities is not interruptive to the user, the dialog engine 235 may send the selected candidate entities to the CU composer 270 to generate a personalized and context-aware communication content comprising the selected candidate entities, subject to the user's privacy settings. In particular embodiments, the CU composer 270 may send the communication content to the assistant xbot 215 which may then send it to the client system 130 via the messaging platform 205 or the TTS module 275. More information on proactively assisting users may be found in U.S. patent application Ser. No. 15/967,193, filed 30 Apr. 2018, and U.S. patent application Ser. No. 16/036,827, filed 16 Jul. 2018, each of which is incorporated by reference.

In particular embodiments, the assistant xbot 215 may communicate with a proactive agent 285 in response to a user input. As an example and not by way of limitation, the user may ask the assistant xbot 215 to set up a reminder. The assistant xbot 215 may request a proactive agent 285 to set up such reminder and the proactive agent 285 may proactively execute the task of reminding the user at a later time.

In particular embodiments, the assistant system 140 may comprise a summarizer 290. The summarizer 290 may provide customized news feed summaries to a user. In particular embodiments, the summarizer 290 may comprise a plurality of meta agents. The plurality of meta agents may use the first-party agents 250, third-party agents 255, or proactive agents 285 to generated news feed summaries. In particular embodiments, the summarizer 290 may retrieve user interests and preferences from the proactive inference layer 280. The summarizer 290 may then retrieve entities associated with the user interests and preferences from the entity resolution module 240. The summarizer 290 may further retrieve a user profile from the user context engine 225. Based on the information from the proactive inference layer 280, the entity resolution module 240, and the user context engine 225, the summarizer 290 may generate personalized and context-aware summaries for the user. In particular embodiments, the summarizer 290 may send the summaries to the CU composer 270. The CU composer 270 may process the summaries and send the processing results to the assistant xbot 215. The assistant xbot 215 may then send the processed summaries to the client system 130 via the messaging platform 205 or the TTS module 275. More information on summarization may be found in U.S. patent application Ser. No. 15/967,290, filed 30 Apr. 2018, which is incorporated by reference.

FIG. 3 illustrates an example diagram flow of responding to a user request by the assistant system 140. In particular embodiments, the assistant xbot 215 may access a request manager 305 upon receiving the user request. The request manager 305 may comprise a context extractor 306 and a conversational understanding object generator (CU object generator) 307. The context extractor 306 may extract contextual information associated with the user request. The context extractor 306 may also update contextual information based on the assistant application 136 executing on the client system 130. As an example and not by way of limitation, the update of contextual information may comprise content items are displayed on the client system 130. As another example and not by way of limitation, the update of contextual information may comprise alarm is set on the client system 130. As another example and not by way of limitation, the update of contextual information may comprise a song is playing on the client system 130. The CU object generator 307 may generate particular content objects relevant to the user request. The content objects may comprise dialog-session data and features associated with the user request, which may be shared with all the modules of the assistant system 140. In particular embodiments, the request manager 305 may store the contextual information and the generated content objects in data store 310 which is a particular data store implemented in the assistant system 140.

In particular embodiments, the request manger 305 may send the generated content objects to the NLU module 220. The NLU module 220 may perform a plurality of steps to process the content objects. At step 221, the NLU module 220 may generate a whitelist for the content objects. In particular embodiments, the whitelist may comprise interpretation data matching the user request. At step 222, the NLU module 220 may perform a featurization based on the whitelist. At step 223, the NLU module 220 may perform domain classification/selection on user request based on the features resulted from the featurization to classify the user request into predefined domains. The domain classification/selection results may be further processed based on two related procedures. At step 224 a, the NLU module 220 may process the domain classification/selection result using an intent classifier. The intent classifier may determine the user's intent associated with the user request. In particular embodiments, there may be one intent classifier for each domain to determine the most possible intents in a given domain. As an example and not by way of limitation, the intent classifier may be based on a machine-learning model that may take the domain classification/selection result as input and calculate a probability of the input being associated with a particular predefined intent. At step 224 b, the NLU module may process the domain classification/selection result using a meta-intent classifier. The meta-intent classifier may determine categories that describe the user's intent. In particular embodiments, intents that are common to multiple domains may be processed by the meta-intent classifier. As an example and not by way of limitation, the meta-intent classifier may be based on a machine-learning model that may take the domain classification/selection result as input and calculate a probability of the input being associated with a particular predefined meta-intent. At step 225 a, the NLU module 220 may use a slot tagger to annotate one or more slots associated with the user request. In particular embodiments, the slot tagger may annotate the one or more slots for the n-grams of the user request. At step 225 b, the NLU module 220 may use a meta slot tagger to annotate one or more slots for the classification result from the meta-intent classifier. In particular embodiments, the meta slot tagger may tag generic slots such as references to items (e.g., the first), the type of slot, the value of the slot, etc. As an example and not by way of limitation, a user request may comprise “change 500 dollars in my account to Japanese yen.” The intent classifier may take the user request as input and formulate it into a vector. The intent classifier may then calculate probabilities of the user request being associated with different predefined intents based on a vector comparison between the vector representing the user request and the vectors representing different predefined intents. In a similar manner, the slot tagger may take the user request as input and formulate each word into a vector. The intent classifier may then calculate probabilities of each word being associated with different predefined slots based on a vector comparison between the vector representing the word and the vectors representing different predefined slots. The intent of the user may be classified as “changing money”. The slots of the user request may comprise “500”, “dollars”, “account”, and “Japanese yen”. The meta-intent of the user may be classified as “financial service”. The meta slot may comprise “finance”.

In particular embodiments, the NLU module 220 may improve the domain classification/selection of the content objects by extracting semantic information from the semantic information aggregator 230. In particular embodiments, the semantic information aggregator 230 may aggregate semantic information in the following way. The semantic information aggregator 230 may first retrieve information from the user context engine 225. In particular embodiments, the user context engine 225 may comprise offline aggregators 226 and an online inference service 227. The offline aggregators 226 may process a plurality of data associated with the user that are collected from a prior time window. As an example and not by way of limitation, the data may include news feed posts/comments, interactions with news feed posts/comments, search history, etc. that are collected from a prior 90-day window. The processing result may be stored in the user context engine 225 as part of the user profile. The online inference service 227 may analyze the conversational data associated with the user that are received by the assistant system 140 at a current time. The analysis result may be stored in the user context engine 225 also as part of the user profile. In particular embodiments, both the offline aggregators 226 and online inference service 227 may extract personalization features from the plurality of data. The extracted personalization features may be used by other modules of the assistant system 140 to better understand user input. In particular embodiments, the semantic information aggregator 230 may then process the retrieved information, i.e., a user profile, from the user context engine 225 in the following steps. At step 231, the semantic information aggregator 230 may process the retrieved information from the user context engine 225 based on natural-language processing (NLP). In particular embodiments, the semantic information aggregator 230 may tokenize text by text normalization, extract syntax features from text, and extract semantic features from text based on NLP. The semantic information aggregator 230 may additionally extract features from contextual information, which is accessed from dialog history between a user and the assistant system 140. The semantic information aggregator 230 may further conduct global word embedding, domain-specific embedding, and/or dynamic embedding based on the contextual information. At step 232, the processing result may be annotated with entities by an entity tagger. Based on the annotations, the semantic information aggregator 230 may generate dictionaries for the retrieved information at step 233. In particular embodiments, the dictionaries may comprise global dictionary features which can be updated dynamically offline. At step 234, the semantic information aggregator 230 may rank the entities tagged by the entity tagger. In particular embodiments, the semantic information aggregator 230 may communicate with different graphs 330 including social graph, knowledge graph, and concept graph to extract ontology data that is relevant to the retrieved information from the user context engine 225. In particular embodiments, the semantic information aggregator 230 may aggregate the user profile, the ranked entities, and the information from the graphs 330. The semantic information aggregator 230 may then send the aggregated information to the NLU module 220 to facilitate the domain classification/selection.

In particular embodiments, the output of the NLU module 220 may be sent to a co-reference module 315 to interpret references of the content objects associated with the user request. In particular embodiments, the co-reference module 315 may be used to identify an item the user request refers to. The co-reference module 315 may comprise reference creation 316 and reference resolution 317. In particular embodiments, the reference creation 316 may create references for entities determined by the NLU module 220. The reference resolution 317 may resolve these references accurately. In particular embodiments, the co-reference module 315 may access the user context engine 225 and the dialog engine 235 when necessary to interpret references with improved accuracy.

In particular embodiments, the identified domains, intents, meta-intents, slots, and meta slots, along with the resolved references may be sent to the entity resolution module 240 to resolve relevant entities. The entity resolution module 240 may execute generic and domain-specific entity resolution. In particular embodiments, the entity resolution module 240 may comprise domain entity resolution 241 and generic entity resolution 242. The domain entity resolution 241 may resolve the entities by categorizing the slots and meta slots into different domains. In particular embodiments, entities may be resolved based on the ontology data extracted from the graphs 330. The ontology data may comprise the structural relationship between different slots/meta-slots and domains. The ontology may also comprise information of how the slots/meta-slots may be grouped, related within a hierarchy where the higher level comprises the domain, and subdivided according to similarities and differences. The generic entity resolution 242 may resolve the entities by categorizing the slots and meta slots into different generic topics. In particular embodiments, the resolving may be also based on the ontology data extracted from the graphs 330. The ontology data may comprise the structural relationship between different slots/meta-slots and generic topics. The ontology may also comprise information of how the slots/meta-slots may be grouped, related within a hierarchy where the higher level comprises the topic, and subdivided according to similarities and differences. As an example and not by way of limitation, in response to the input of an inquiry of the advantages of a car, the generic entity resolution 242 may resolve the car as vehicle and the domain entity resolution 241 may resolve the car as electric car.

In particular embodiments, the output of the entity resolution module 240 may be sent to the dialog engine 235 to forward the flow of the conversation with the user. The dialog engine 235 may comprise dialog intent resolution 236 and dialog state update/ranker 237. In particular embodiments, the dialog intent resolution 236 may resolve the user intent associated with the current dialog session based on dialog history between the user and the assistant system 140. The dialog intent resolution 236 may map intents determined by the NLU module 220 to different dialog intents. The dialog intent resolution 236 may further rank dialog intents based on signals from the NLU module 220, the entity resolution module 240, and dialog history between the user and the assistant system 140. In particular embodiments, the dialog state update/ranker 237 may update/rank the dialog state of the current dialog session. As an example and not by way of limitation, the dialog state update/ranker 237 may update the dialog state as “completed” if the dialog session is over. As another example and not by way of limitation, the dialog state update/ranker 237 may rank the dialog state based on a priority associated with it.

In particular embodiments, the dialog engine 235 may communicate with a task completion module 335 about the dialog intent and associated content objects. In particular embodiments, the task completion module 335 may rank different dialog hypotheses for different dialog intents. The task completion module 335 may comprise an action selection component 336. In particular embodiments, the dialog engine 235 may additionally check against dialog policies 320 regarding the dialog state. In particular embodiments, a dialog policy 320 may comprise a data structure that describes an execution plan of an action by an agent 340. An agent 340 may select among registered content providers to complete the action. The data structure may be constructed by the dialog engine 235 based on an intent and one or more slots associated with the intent. A dialog policy 320 may further comprise multiple goals related to each other through logical operators. In particular embodiments, a goal may be an outcome of a portion of the dialog policy and it may be constructed by the dialog engine 235. A goal may be represented by an identifier (e.g., string) with one or more named arguments, which parameterize the goal. As an example and not by way of limitation, a goal with its associated goal argument may be represented as {confirm_artist, args: {artist: “Madonna”}}. In particular embodiments, a dialog policy may be based on a tree-structured representation, in which goals are mapped to leaves of the tree. In particular embodiments, the dialog engine 235 may execute a dialog policy 320 to determine the next action to carry out. The dialog policies 320 may comprise generic policy 321 and domain specific policies 322, both of which may guide how to select the next system action based on the dialog state. In particular embodiments, the task completion module 335 may communicate with dialog policies 320 to obtain the guidance of the next system action. In particular embodiments, the action selection component 336 may therefore select an action based on the dialog intent, the associated content objects, and the guidance from dialog policies 320.

In particular embodiments, the output of the task completion module 335 may be sent to the CU composer 270. In alternative embodiments, the selected action may require one or more agents 340 to be involved. As a result, the task completion module 335 may inform the agents 340 about the selected action. Meanwhile, the dialog engine 235 may receive an instruction to update the dialog state. As an example and not by way of limitation, the update may comprise awaiting agents' response. In particular embodiments, the CU composer 270 may generate a communication content for the user using the NLG 271 based on the output of the task completion module 335. In particular embodiments, the NLG 271 may use different language models and/or language templates to generate natural language outputs. The generation of natural language outputs may be application specific. The generation of natural language outputs may be also personalized for each user. The CU composer 270 may also determine a modality of the generated communication content using the UI payload generator 272. Since the generated communication content may be considered as a response to the user request, the CU composer 270 may additionally rank the generated communication content using a response ranker 273. As an example and not by way of limitation, the ranking may indicate the priority of the response.

In particular embodiments, the output of the CU composer 270 may be sent to a response manager 325. The response manager 325 may perform different tasks including storing/updating the dialog state 326 retrieved from data store 310 and generating responses 327. In particular embodiments, the output of CU composer 270 may comprise one or more of natural-language strings, speech, or actions with parameters. As a result, the response manager 325 may determine what tasks to perform based on the output of CU composer 270. In particular embodiments, the generated response and the communication content may be sent to the assistant xbot 215. In alternative embodiments, the output of the CU composer 270 may be additionally sent to the TTS module 275 if the determined modality of the communication content is audio. The speech generated by the TTS module 275 and the response generated by the response manager 325 may be then sent to the assistant xbot 215.

Secure Authentication for Assistant Systems

A user may request information or services from an assistant system 140, and in response the assistant system 140 may authenticate the user to verify the user's identity. If the authentication is successful, e.g., the user's identity is verified, then, subject to the user's privacy settings and any other applicable privacy settings, the assistant system 140 may provide the requested information or services to the user. The provided information may be retrieved from the social-networking system 160, e.g., user profile information, information from a social graph, such as a list of the user friends, information about nearby places, or other information, e.g., weather forecasts, search results, and so on. The provided services may include services performed by the social-networking system 160, e.g., reading and sending messages or newsfeed entries, scheduling meetings, sharing information with friends, and so on. More information on voice authentication may be found in U.S. patent application Ser. No. 15/386,282, filed 21 Dec. 2016, which is incorporated by reference.

FIG. 4 illustrates an example diagram flow 400 of authenticating a user by the assistant system 140. A module of the assistant system 140, such as an assistant xbot 215, may receive user input that includes an access request 402, which may be a request to access information or services for which user authentication may be needed. The access request 402 may be received via voice input or other input modality. For example, the access request 402 may be “Send a message to Alice.” Communications that may be via audio, such as voice or other sounds, are shown as dashed lines. Communications shown as dashed lines may alternatively or additionally be via wireless radio signals, e.g., BLUETOOTH, NFC, WIFI, or the like, or via wired signals, e.g., Ethernet or the like. Communications shown as solid lines may be via wireless radio signals or wired signals, for example.

In particular embodiments, upon receiving the access request 402, a module of the assistant system 140, such as the assistant xbot 215, may send a code request 404 to an authentication server 460. The code request 404 may be a request to generate an authentication code for use in authenticating a user of the client device 130. The authentication code may be, for example, a numeric value that is different for each request. The authentication server 460 may be the server 162 of the social-networking system 160, a server of the assistant system 140, a third-party authentication server of a third-party provider 265 used by third-party agents 255 for user authentication, or other suitable server that performs authentication operations as described herein.

In particular embodiments, upon receiving the code request 404, the authentication server 460 may generate the authentication code and encode it to form a binary-encoded code 406 that can be sent to the client system 130. The encoded code 406 is labeled “code (binary)” in FIG. 4 to indicate that the encoded code 406 may be encoded as binary data in any suitable format, such as an audio clip, a numeric representation of the code, or the like. The binary-encoded code 406 may be sent using secure network communication, such as an encrypted data connection, a secure messaging platform, or the like.

If the binary-encoded code 406 is an audio clip, then the audio clip, when played on the mobile device's speaker, may be detected and recorded by a microphone of the assistant system to receive the authentication code. The audio clip may be a sound referred to herein as a chirp that is based on the authentication code and can be decoded, after being received by a microphone or other audio input device, to recover the authentication code. The audio clip may alternatively be speech generated based on the authentication code, e.g., using the TTS module 275. For the code “1234” the speech may be the spoken sequence of numbers 1, 2, 3, and 4. If the binary-encoded code 406 is a numeric representation of the authentication code, then the binary-encoded code 406 may be, e.g., a number or string value. For example, the binary-encoded code 406 may be “1234” for the authentication code 1234. In particular embodiments, the authentication server 460 may then send the binary-encoded code 406 to the client system 130, e.g., via the network 150, and the client system 130 may receive the binary-encoded code 406.

In particular embodiments, the authentication server may send a confirmation request 408 a to the assistant xbot 215, a confirmation request 408 b to the client system 130, or both confirmation requests 408 a,b. The confirmation requests 408 may be requests to ask the user of the client device 130 to confirm that he or she intended to request the information or services for which the access request 402 was received. The authentication server 460 may include a text or speech representation of the access request 402 in each of the confirmation requests 408. The text or speech representation may include the intent and slot(s) of the access request 402 to identify the particular access request 402. For example, the confirmation requests 408 may include the text “Are you sure you want to send a message to Alice?”

Upon receiving the confirmation request 408 a, the assistant xbot 215 may send a confirmation prompt 410 to the client system 130 to cause the client system 130 to prompt the user to confirm the request for information or services. The confirmation prompt 410 may be based on the content included in the confirmation request 408 a. As an example, the assistant xbot 215 or another module of the assistant system 140 may generate and play audible speech containing the content of the confirmation request 408 a. The confirmation prompt 410 may be, for example, audio containing the spoken phrase “Are you sure you want to send a message to Alice?” In this example, the confirmation prompt 410 is sent as speech by playing the audio using a speaker of the assistant system 140. Alternatively or additionally, the assistant xbot 215 may send text containing the content to a TTS module 275, which may generate speech and send an audio clip of the speech to the client system 130, which may play the audio clip. In this example, the confirmation prompt 410 is sent in the audio clip via a communication network such as the network 150.

In particular embodiments, the authentication server 460 may send a confirmation request 408 b to the client system 130. The confirmation request 408 b may be similar to the confirmation request 408 a. The client system 130 may display the content of the confirmation request 408 b as a visual confirmation prompt 414. For example, the visual confirmation prompt may include the text “Send a message to Alice?” and may be displayed with user interface elements that the user may select to confirm or cancel the message sending request. The client system 130 may display the prompt, e.g., as text on the client system's screen. The prompt displayed by the client system may provide instructions specific to the client system, e.g., “Tap to confirm sending a message to Alice.”

In particular embodiments, if the user confirms the request for the information or service, e.g., by speaking the word “yes” in response to the spoken confirmation prompt 410, or by selecting a confirm option in a user interface of the client system 130 in response to the visual confirmation prompt 414, then the client system 130 may communicate the authentication code 418 received from the authentication server 460 to the assistant system 140 via a second type of communication. For example, the client system 130 may communicate the authentication code using audio communication by generating and playing a code sound 418 a via one or more speakers of the client system 130. The code sound 418 a may be generated based on the binary code 406 received from the authentication server 460. Thus the code sound 418 a may be generated from the audio clip received from the authentication server 460 (e.g., as a copy of the audio clip) Alternatively, the code sound 418 a may be generated based on a numeric representation of the code from the authentication server 460. In this example, if the numeric representation is 1234, the code sound 418 a may be an encoding of the value 1234 as an audible or inaudible “chirp” sound. For example, the audio may be obtained by mapping the code to audio frequencies. The audio frequencies may be audible or inaudible to human hearing. Alternatively, the audio may be generated by converting the code to speech using a text-to-speech technique.

As another alternative, a code sound 418 b may be based on a voice encoding of the authentication code, which may be received from the authentication server 460 as an audio clip or may be generated by the client system 130 based on the numeric representation of the code. An ASR module 210 may convert the audio clip to text 418 c, which may be sent to the assistant using a communication network. The client system 130 may receive the code and store it for subsequent use in generating a sound code 418 a or a voice code 418 b.

In particular embodiments, the user may be prompted to unlock the client system 130 prior to the client system 130 playing back the audio data. The user may unlock the client system 130 by entering a passcode or password so that an application can access the client system's speaker. In particular embodiments, the client system 130 and assistant system 140 may be located sufficiently close to each other so that a microphone of the assistant system can capture the sound from the client system. In particular embodiments, the assistant xbot 215 may receive the code sound 418 a, e.g., via a microphone. Alternatively or additionally, the assistant xbot 215 may receive the code text 418 c, e.g., via a communication network.

The assistant xbot 215 may then send the received code 422 to the authentication server 460, which may verify that the received code 422 matches the code that was previously generated by the authentication server 460 and sent to the client system 130. If the two codes match, the identity of the user of the client system 130 has been successfully authenticated, and the user may be granted access to the requested information 420 or services. The authentication code may expire after a period of time has passed, at which time access to the information 420 or services may no longer be granted until the user is re-authenticated. The authentication code may expire after a short period of time to prevent the code from being recorded and used at a later time. As an example, if the audio file was generated by mapping a code to audio frequencies (e.g., a chirp), then a reverse mapping may be used to map the audio frequencies back to a code. If the resulting code matches the code previously generated by the authentication server 460, then the authentication server 460 may verify that the authentication code is valid, and the information 420 may be provided in response to the user's request.

FIGS. 5A-5B illustrate an example interaction diagram of authentication using the assistant system. FIG. 5A illustrates an example interaction diagram in which an assistant system 140 receives a user request to access information or services and interacts with an authentication server 460 to authenticate the user with confirmation of the user's intent. At step 502, a user may speak a voice request, e.g., “Send a message to Alice.” The voice request may include an utterance, e.g., the sound spoken by the user. The utterance may have an intent, e.g., an action to be performed. The intent may also be associated with one or more slots. In particular embodiments, at step 504 the assistant system 140 may receive user input, which may include audio input the user, e.g., via a microphone. The audio input may include a request for information or services. The assistant system 140 may convert the utterance to text using the ASR module 210. The assistant system 140 may analyze the utterance to determine the intent and slot(s). For example, for the utterance “Send a message to Alice,” the intent may be to send a message, and the slot may be the recipient “Alice.”

At step 504, the assistant system 140 may determine, based on the intent of the utterance, that authentication is needed. User authentication may be needed if, for example, the intent corresponds to one or more operations that require user authentication. As another example, user authentication may be needed when the requested information or services are private, e.g., information subject to privacy settings in the social-networking system 160. For example, the assistant system 140 may determine that the request is for information or services provided by the social-networking system 160, and that the request is to be authenticated by an authentication server 460. As an example, for the utterance “Send a message to Alice,” the assistant system 140 may determine that the utterance is a message directed to the social-networking system 160, since the social-networking system 160 knows how to send messages, and the user has previously indicated that the social-networking system 160 is to be used to send messages.

In particular embodiments, if authentication is needed, step 504 may begin a process to authenticate the user using (a) a secure network connection between the user's client system 130 and the assistant system 140, and (b) a second type of communication between the assistant system 140 and the user's client system 130. The second type of communication may be, for example, via sound generated by a speaker on the client system 130 and received by a microphone on the assistant system 140. Other second types of communication are possible as well, e.g., BLUETOOTH or Near-Field Communication (NFC). At step 504, the assistant system 140 may send a request to authenticate the user of the client system 130 to the authentication server 460. The request may include first authentication information based on the audio input and a user identifier associated with the user. The first authentication information may include the intent, associated slot(s) (if any), and the user identifier. The first authentication information may optionally also include the utterance.

At step 506, the authentication server 460 may receive the request from the assistant system 140 and generate an authentication code, which may be a numeric value that is different for each request, e.g., a nonce that is used once. The code may be based on a random or pseudo-random number meant to ensure that old communications are not reused in replay attacks. In particular embodiments, the authentication code may be generated by encrypting the numeric value, or by encrypting a combination of the numeric value and a message authentication code (MAC) based on the numeric value, or other suitable security technique that can be used to verify that the authentication code was generated by the authentication server 460. The code may have an expiration time, in which case a suitable security technique may be used to verify that the authentication code was generated by the authentication server 460 and has not expired. At step 506, the authentication server 460 may send the authentication code to the user's client system 130, which may receive the code and store it for subsequent use. The authentication server 460 may store the generated authentication code in a memory or other storage media in association with the user identifier.

At step 508, the authentication server 460 may send instructions to the assistant system 140 to prompt the user to confirm their request for information or services. The assistant system 140 may generate and play an audio form of the prompt, e.g., using text-to-speech at step 510. The prompt may include a description of the intent of the user's request for information or services. For example, if the request is to send a message to another user, then the intent may be sending a message. The prompt may be, e.g., “Please confirm that you would like to send a message to Alice” if the intent of the request is to send a message to another user named Alice. The authentication server 460 may also send instructions at step 508 to the user's client system 130 to prompt the user to confirm their request for information or services. At step 514, the client system 130 may display the prompt, e.g., as text on the device's screen. The prompt may be displayed as a pop-up window or dialog box, for example. The prompt displayed by the client system 130 may be the same as the prompt spoken by the assistant system 140. Alternatively, the prompt displayed by the client system 130 may provide instructions specific to the client system 130, e.g., “Tap to confirm sending a message to Alice.”

At step 512, the assistant device 140 may listen for audio input, e.g., via a microphone. The listening may begin in response to receiving the instructions to prompt the user, or may begin in response to receiving specific instructions, e.g., from the authentication server 460 or assistant system 140, to begin listening. The instructions may indicate a frequency at which to listen. At step 516, the client system 130 may receive confirmation from the user, e.g., a tap on the device's screen. At step 518, the client system 130 may generate and play audio containing the previously-received code. The audio may be a “chirp” based on the code. For example, the audio may be obtained by mapping the code to audio frequencies. The audio frequencies may be audible or inaudible to human hearing. Alternatively, the audio may be generated by converting the code to speech using a text-to-speech technique.

At step 520, the assistant system 140 may receive, via a second type of communication, an input containing an authentication code, which may be referred to herein as a “first” authentication code. For example, the assistant system 140 may receive the second audio input sent by the client system at step 518. The received second audio input may include the authentication code generated by the authentication server 460. The authentication code generated by the authentication server 460 may be referred to herein as a “second” authentication code. Thus, if the first authentication code matches, e.g., is the same as, the second authentication code, then the user may be successfully authenticated. The authentication server 460 may determine whether the first and second authentication codes match, as described below.

At step 522, the assistant system 140 may send second authentication information based on the second audio input to the authentication server 460 for verification. The second audio input may contain a code, and the assistant system 140 may extract the code from the second audio input, e.g., using voice recognition. The second authentication information may be an audio file containing the second audio input, or may be the extracted code. The second authentication information may include the user identifier or other information that the authentication server may use to identify the generated authentication code that was associated with the user identifier in a memory or other storage media at step 506.

At step 524, the authentication server 460 may determine whether authentication is successful. The authentication server 460 may receive the second authentication information, which may include the extracted code or the audio file containing the second audio input from the assistant system 140 via the secure network communication. If the authentication server 460 receives the audio file, then the authentication server 460 may convert the audio file to a code. For example, if the audio file was generated by mapping a code to audio frequencies (e.g., a chirp), then a reverse mapping may be used to map the audio frequencies back to a code. If the resulting code matches the code previously generated by the authentication server 460, then the authentication server 460 may verify that the authentication code is valid, e.g., by sending a verification message to the assistant system indicating that the user has successfully been authenticated and the requested information may be provided to the user. The code previously generated by the authentication server 460 may be the authentication code that was associated with the user identifier in a memory or other storage media at step 506. The authentication server 460 may retrieve the user identifier from the received second authentication information. The assistant system 140 may receive the verification of the authentication code and the information responsive to the user's request.

The assistant system 140 may be able to receive multimodal inputs, including audio inputs (i.e., the user's voice commands), and respond with synthesized speech from a natural-language generation module as output. However, the assistant system 140 may not be able to receive other types of input ordinarily used for authentication, such as keyboard or fingerprint input. Furthermore, the assistant system 140 may be located in a public place, so any person in the vicinity may speak commands and hear the information spoken to/by the assistant system. A user may speak commands to access the user's private data, such as “send a message to Jim that I'm going to be 15 minutes late” or “read my messages from Suzie.” Users who interact with the assistant system 140 should thus be authenticated prior to accessing private online information via the assistant system 140. The assistant system 140 may be a third-party device, so limited information may be available from the device for use in authentication. The disclosed technique thus uses the audio of a user's speech (received from the assistant system) and a secure pre-authenticated network communication channel with the user (via another device, such as the user's client system running Messenger), which may securely provide authentication information to the assistant system 140 (e.g., by emitting a sub-auditory “chirp” with a complex single-use authentication code that is heard by the assistant). While this disclosure focuses on authentication before allowing an assistant system 140 to access private user information, this process is applicable to controlling access to any suitable task executable by the assistant system 140 (e.g., scheduling meetings, sending messages, etc.).

In particular embodiments, as described above, in response to a request to access information that requires authentication, an authentication server 460 may generate a code, encode the code into audio data, and send the audio data to the user's client system 130 via a secure channel (e.g., encrypted data sent to the Messenger app via WiFi, cellular data, or other suitable network). The client system 130 may communicate the audio data to the assistant system 140 by playing back the audio data as sound using a speaker. The client system may need to be unlocked by the user prior to playing back the audio data, e.g., so that an app such as Messenger can access the speaker and play back the audio data. A notification may be presented to the user with instructions such as “Please unlock your device” or “Please open the Messenger application.” If the user is not already logged into Messenger on their client system 130, they may have to do so at this point to continue. The user may also be presented with a prompt by the Messenger application at this point to request permission to emit the audio data from the speakers of the client system 130. After the user confirms the audio data can be emitted, the assistant system 140 receives the sound through its microphone (assuming it is within listening range), and encodes the sound to form response data. The response data includes the code if the code was correctly communicated from the client system 130 to the assistant system 140. The assistant system 140 then sends the response data to the authentication server 460, and the authentication server 460 verifies that the response data includes the correct code. If so, the identity of the user has been successfully authenticated, and access may be granted to private information (e.g., the user's private messages on Messenger, access to various tasks provided by the assistant system). The authentication may expire after a period of time has passed, in which case access to private information is no longer granted. The code may expire after a short period of time so that it cannot be recorded and used at a later time.

In particular embodiments, there are a number of options for generating and encoding the authentication code on the authentication server 460. The code may be encoded as data that, when played back by the user's client system 130, generates a sound that can be received by the assistant system 140. The sound may be a sub-auditory “chirp”, which is at a frequency inaudible to human ears (if the client system's speaker can generate and the assistant system's microphone can receive such a frequency). The sound may alternatively be at a frequency audible to humans, e.g., an auditory “chirp” that can be received by the assistant system. The inaudible frequency is considered better because, e.g., it is unobtrusive and may be less susceptible to interference from other sounds. The assistant system may record the sound (the chirp) when it is played back by the client system 130 and send the recording of the sound to the authentication server 460. Furthermore, longer, more complex codes are also considered better, e.g., because they may be more difficult to hack or reproduce. For a more complex code (e.g., 2000 bits), the speakers on the transmitting device and the microphone on the listening device would both have to be high quality to ensure the code can consistently be transmitted completely.

Alternatively, the code may be encoded using text-to-speech so that the client system 130 plays back speech that can be recognized by the assistant system 140 and converted to a value such as a number or a combination of numbers and letters. The text-to-speech encoding may be performed by the authentication server 460, or the authentication server 460 may send the code to the client system 130, and the client system 130 may perform the text-to-speech encoding. For example, the code “3601” may be encoded using text-to-speech as the sound of the number 3601 being pronounced by a speech synthesizer. The client system 130 may then play back or synthesize audio in which the number “3601” is spoken. The assistant system 140 may recognize the speech as the number 3601 and send the numeric value 3601 to the authentication server 460 via the secure channel. The assistant system 140 may alternatively record the speech played back or synthesized by the client system 130 and send the recording to the authentication server 460. A code encoded as speech may be relatively short, since speaking many digits may result in a noticeable delay in the authentication.

In particular embodiments, when a user is successfully authenticated to the assistant system 140, at least three conditions have been met: the user has been authenticated to, e.g., logged in to, an application on the client system 130, such as Messenger, the user is in close physical proximity to the client system 130 and the assistant system 140, and the authentication was performed within a short time (because the code is ephemeral, e.g., has an expiration time). Requiring that the user be authenticated to the client system 130 provides a signal that the user is present (as opposed to a different person using the client system 130), and may permit the application to present a prompt, e.g., on the client system's lock screen, asking the user to confirm the requested operation, as described above. Thus, a user who is logged into the Messenger application may be authenticated to the assistant system 140 successfully without unlocking the client system 130. The user may be required to unlock the client system 130 to provide additional assurance that the authenticated user is present and using the client system 130. As an example and not by way of limitation, a user who confirms the requested operation in response to a prompt on the client system's lock screen but does not unlock the device may be permitted to perform lower-privacy-level tasks (e.g., “read my newsfeed to me”). However, for higher-privacy-level tasks (e.g., “read my messages to me”), the user may be required to unlock the device in addition to confirming the requested operation.

In particular embodiments, the volume of the sound played back by the client system 130 (e.g., the chirp) may be used to control the maximum distance of the client system 130 from the assistant system 140, since a low volume may be undetectable by the assistant system 140 beyond a certain distance. Thus, the volume of the sound played back may be used to establish that the user is present at the time of authentication.

In particular embodiments, as an alternative to audio encoding, if the assistant system 140 has a camera and can process images, the authentication code may be encoded in an image for display on the client system 130. The assistant system may then receive the code using its camera. As another alternative, other forms of radio communication, such BLUETOOTH or Near-Field Communication (NFC), may be used to send the code from the client system 130 to the assistant system. The volume may thus be used as an additional authentication signal to provide increased confidence that the authentication is valid.

In particular embodiments, as described above, at step 504, the assistant system 140 may send the utterance, intent, and user ID the authentication server 460. The user ID may be the user's social-networking system ID. At the time the assistant system 140 is configured to use the social-networking system 160, a link or other association may be established between an assistant system account and the user's social-networking system 160 account, so the user ID may be determined by the assistant system 140. The authentication server 460 may receive the utterance, intent, and user ID, and determine a privacy level based on the intent. For example, the authentication server 460 may determine that sending a message is a privacy Level 5 operation (e.g., the highest priority level), so the highest fidelity authentication, which is voice authentication, should be used.

In particular embodiments, the authentication server 460 may send a directive to a messaging application on the user's client system 130 to ask the user to unlock the client system 130. The authentication server 460 may generate a code and send it to the client system 130 with the directive. For example, at step 514, the client system 130 may display a notification asking the user to confirm, e.g., “I can send a message to Alice. Tap/unlock your device to confirm.” The assistant system 140 may tell the user via audio that the message can be sent and ask the user to tap the client system 130 to confirm. The assistant system may then begin listening for audio that contains the code. When the user taps or unlocks their client system 130, the client system 130 plays the audio (e.g., the chirp) that contains an encoding of the received code that (1) authenticates the sending of a message (intent), by the user, (2) and is time-limited (e.g., as a time-to-live of 5 seconds). The assistant system 140 may receive the audio, generate an audio file, and send the audio file to the authentication server 460. Alternatively, the client system 130 may speak the numeric, which the assistant system 140 may receive and translate to text, then transmit the text to the authentication server 460.

In particular embodiments, for the encoding options, there may be a spectrum of tradeoffs from best user experience and best authentication material to backwards compatible with many assistant systems 140 and intrusive to users. There are two dimensions: (1) the type of sound and (2) how the sound is transmitted from the assistant system 140 to the authentication server 460. The type of sound may range from a non-audio chirp that's transmitted to the social-networking system 160 as non-audio, which is densely-encoded information, to an audible, slow, and clear reading of an alphanumeric code that the assistant system hears and translates to text to be sent to the social-networking system 160. These options may be along two axes: A spectrum from audible to non-audible, and a spectrum from spoken human language (low information content) or a non-spoken chirp (high information content). The information passed back by the assistant system may vary accordingly, e.g., a spoken code may be passed back to the social-networking system 160 as text generated by speech-to-text, or a non-spoken code may be passed back as raw audio.

In particular embodiments, when the authentication server 460 receives the code on the same communication channel that was used to send the code, then the server 460 may execute the request and send information responsive to the intent back to the assistant system. For a short ephemeral period, the user may have an authenticated status, which means the user is likely present. During this period, the authentication server 460 may send messages and perform other operations on the user's behalf. For example, the authentication server 460 may send the message to Alice and send a notification back to the user indicating that the message has been sent to Alice.

In particular embodiments, when the authentication is successful, the authentication server 460 may use the assistant architecture to resolve who Alice is. The assistant system may analyze the sentence and determine that the sound “Alice” probably refers to a person and send the sound to the authentication server 460. Social graph information is not sent to the assistant system unless necessary. The assistant system may determine the intent and the corresponding slots. The intents used by the assistant system may be defined by the social-networking system 160. The authentication server 460 may perform entity resolution, e.g., by phonetically matching the sound “Alice” to the user's contacts to identify the particular user, and if needed, asking the user to disambiguate between different users with the first name Alice. Other portions of the social-networking system 160 assistant architecture may be used depending on what information the assistant system makes available to the authentication server 460. The assistant system and/or the authentication server 460 may use more of the assistant architecture, e.g., to identify intents, perform language recognition, and so on.

In particular embodiments, the assistant system may identify the user who is speaking. Multiple users may be linked to the assistant system (e.g., have been registered with it). The assistant system will identify the user who is speaking and send the corresponding user ID to the authentication server 460. Thus, the authentication flow described above may handle multiple users who are linked to the assistant system. Even if the users are not linked to the assistant system, the assistant system may still attempt to identify the users. If the assistant system's determination is incorrect (as may occur when the users are not linked to it), then access is denied. The user is not authorized successfully in the case of an incorrect identification of the user.

The disclosed authentication techniques may be used in particular situations when strong authentication is needed. The sensitivity of privacy-sensitive information may be categorized into one of 5 levels. For example, a user may ask “I'm bored, what should I do this weekend?” The question may be answered in a way that reveals privacy-sensitive information, e.g., the user's social graph, names of the user's friends, what the user did last week, what the user's friends are doing. Alternatively, the answer may be “There are some events happening in your area, such as the Star Wars art festival downtown.”

In particular embodiments, privacy level 5 may be the most sensitive level, and may correspond to commands that can return private information unforeseen by the user, e.g., “Read my messages from Lloyd.” The user does not necessarily know what secrets Lloyd's messages might reveal. Lower (less secure) privacy levels may use other types of authentication. At lower levels, other information may be substituted for authentication. For example, there may be level 3 or 4 scenarios in which voice recognition or facial recognition may be sufficient to identify a user, and authentication is not needed.

In particular embodiments, when a user has been authenticated, the user may remain authenticated for a period of time after which the authentication expires. The period of time may be longer if additional authentication-related information is available, e.g., a view of the user's face via a camera of the assistant system. The user's client system may be left open (e.g., unlocked) to extend the period of time. The device may repeat the non-audible chirp periodically (e.g., every 5 minutes) to confirm that the user is still near the assistant system, and the user may remain authenticated. A user may leave their client system open and in a location proximal to the assistant system to remain authenticated for an extended period of time.

In particular embodiments, the level of privacy may be determined based on the intent of a request. The corpus of data that could be sent to the user may also be associated with privacy levels. For example, the number of likes of a post may have a privacy level, and the names of the people who liked the posts may have a different privacy level. Signals such as facial recognition confidence and voice recognition confidence may be used to determine whether to initiate the authentication process described herein.

FIG. 5B illustrates an example interaction diagram in which an assistant system 140 receives a user request to access information or services and interacts with an authentication server 460 to authenticate the user and send the private information to the user's client device. Steps 502-506 of FIG. 5B are similar to steps 502-506 of FIG. 5A. In FIG. 5B, at step 532, the assistant system 140 may listen for audio or BLUETOOTH communication. At step 534, the client system 130 may send a received code via audio or BLUETOOTH to the assistant system 140. The received code may have been received from the authentication server 460 at step 506. At step 536, the assistant system 140 may receive the code via audio or BLUETOOTH. At step 538, the assistant system 140 may receive the send the received code to the authentication server 460. At step 540, the authentication server 406 may send, to the assistant system 140, the client system 130, or both, an indication that authentication is successful if the received code matches the generated code. At step 542, the assistant system may send the information requested by the user to the client system 130 if the authentication is successful. At step 544, the client system 130 may receive and display the information.

FIG. 6 illustrates an example method 600 for authentication using an assistant system 140. The method may begin at step 610, where the assistant system 140 may receive a first audio input from a user requesting access to information or a service. At step 620, the assistant system 140 may determine whether authentication is needed to access the information or service. Step 620 may also determine whether the private information or service is hosted by or otherwise available from a social-networking system 160. If step 620 determines that authentication is needed and the private information is hosted by the social-networking system 160, then step 630 may be performed. Otherwise, the method ends. At step 630, the assistant system 140 may send a request to access the information or service to an authentication server 460, wherein the request includes first authentication information based on the first audio input and further includes a user identifier associated with the user. At step 640, the assistant system 140 may receive a second audio input from a client system of the user, wherein the second audio input includes an authentication code generated by the authentication server 460. At step 650, the assistant system 140 may send second authentication information based on the second audio input to the authentication server 460 for verification. At step 660, the assistant system 140 may receive verification of the authentication code. At step 670, the assistant system 140 may provide, to the user, access to the information or service. Particular embodiments may repeat one or more steps of the method of FIG. 6, where appropriate. Although this disclosure describes and illustrates particular steps of the method of FIG. 6 as occurring in a particular order, this disclosure contemplates any suitable steps of the method of FIG. 6 occurring in any suitable order. Moreover, although this disclosure describes and illustrates an example method for authentication using an assistant system including the particular steps of the method of FIG. 6, this disclosure contemplates any suitable method for authentication using an assistant system including any suitable steps, which may include all, some, or none of the steps of the method of FIG. 6, where appropriate. Furthermore, although this disclosure describes and illustrates particular components, devices, or systems carrying out particular steps of the method of FIG. 6, this disclosure contemplates any suitable combination of any suitable components, devices, or systems carrying out any suitable steps of the method of FIG. 6.

Social Graphs

FIG. 7 illustrates an example social graph 700. In particular embodiments, the social-networking system 160 may store one or more social graphs 700 in one or more data stores. In particular embodiments, the social graph 700 may include multiple nodes—which may include multiple user nodes 702 or multiple concept nodes 704—and multiple edges 706 connecting the nodes. Each node may be associated with a unique entity (i.e., user or concept), each of which may have a unique identifier (ID), such as a unique number or username. The example social graph 700 illustrated in FIG. 7 is shown, for didactic purposes, in a two-dimensional visual map representation. In particular embodiments, a social-networking system 160, a client system 130, an assistant system 140, or a third-party system 170 may access the social graph 700 and related social-graph information for suitable applications. The nodes and edges of the social graph 700 may be stored as data objects, for example, in a data store (such as a social-graph database). Such a data store may include one or more searchable or queryable indexes of nodes or edges of the social graph 700.

In particular embodiments, a user node 702 may correspond to a user of the social-networking system 160 or the assistant system 140. As an example and not by way of limitation, a user may be an individual (human user), an entity (e.g., an enterprise, business, or third-party application), or a group (e.g., of individuals or entities) that interacts or communicates with or over the social-networking system 160 or the assistant system 140. In particular embodiments, when a user registers for an account with the social-networking system 160, the social-networking system 160 may create a user node 702 corresponding to the user, and store the user node 702 in one or more data stores. Users and user nodes 702 described herein may, where appropriate, refer to registered users and user nodes 702 associated with registered users. In addition or as an alternative, users and user nodes 702 described herein may, where appropriate, refer to users that have not registered with the social-networking system 160. In particular embodiments, a user node 702 may be associated with information provided by a user or information gathered by various systems, including the social-networking system 160. As an example and not by way of limitation, a user may provide his or her name, profile picture, contact information, birth date, sex, marital status, family status, employment, education background, preferences, interests, or other demographic information. In particular embodiments, a user node 702 may be associated with one or more data objects corresponding to information associated with a user. In particular embodiments, a user node 702 may correspond to one or more web interfaces.

In particular embodiments, a concept node 704 may correspond to a concept. As an example and not by way of limitation, a concept may correspond to a place (such as, for example, a movie theater, restaurant, landmark, or city); a website (such as, for example, a website associated with the social-networking system 160 or a third-party website associated with a web-application server); an entity (such as, for example, a person, business, group, sports team, or celebrity); a resource (such as, for example, an audio file, video file, digital photo, text file, structured document, or application) which may be located within the social-networking system 160 or on an external server, such as a web-application server; real or intellectual property (such as, for example, a sculpture, painting, movie, game, song, idea, photograph, or written work); a game; an activity; an idea or theory; another suitable concept; or two or more such concepts. A concept node 704 may be associated with information of a concept provided by a user or information gathered by various systems, including the social-networking system 160 and the assistant system 140. As an example and not by way of limitation, information of a concept may include a name or a title; one or more images (e.g., an image of the cover page of a book); a location (e.g., an address or a geographical location); a website (which may be associated with a URL); contact information (e.g., a phone number or an email address); other suitable concept information; or any suitable combination of such information. In particular embodiments, a concept node 704 may be associated with one or more data objects corresponding to information associated with concept node 704. In particular embodiments, a concept node 704 may correspond to one or more web interfaces.

In particular embodiments, a node in the social graph 700 may represent or be represented by a web interface (which may be referred to as a “profile interface”). Profile interfaces may be hosted by or accessible to the social-networking system 160 or the assistant system 170. Profile interfaces may also be hosted on third-party websites associated with a third-party system 170. As an example and not by way of limitation, a profile interface corresponding to a particular external web interface may be the particular external web interface and the profile interface may correspond to a particular concept node 704. Profile interfaces may be viewable by all or a selected subset of other users. As an example and not by way of limitation, a user node 702 may have a corresponding user-profile interface in which the corresponding user may add content, make declarations, or otherwise express himself or herself. As another example and not by way of limitation, a concept node 704 may have a corresponding concept-profile interface in which one or more users may add content, make declarations, or express themselves, particularly in relation to the concept corresponding to concept node 704.

In particular embodiments, a concept node 704 may represent a third-party web interface or resource hosted by a third-party system 170. The third-party web interface or resource may include, among other elements, content, a selectable or other icon, or other inter-actable object (which may be implemented, for example, in JavaScript, AJAX, or PHP codes) representing an action or activity. As an example and not by way of limitation, a third-party web interface may include a selectable icon such as “like,” “check-in,” “eat,” “recommend,” or another suitable action or activity. A user viewing the third-party web interface may perform an action by selecting one of the icons (e.g., “check-in”), causing a client system 130 to send to the social-networking system 160 a message indicating the user's action. In response to the message, the social-networking system 160 may create an edge (e.g., a check-in-type edge) between a user node 702 corresponding to the user and a concept node 704 corresponding to the third-party web interface or resource and store edge 706 in one or more data stores.

In particular embodiments, a pair of nodes in the social graph 700 may be connected to each other by one or more edges 706. An edge 706 connecting a pair of nodes may represent a relationship between the pair of nodes. In particular embodiments, an edge 706 may include or represent one or more data objects or attributes corresponding to the relationship between a pair of nodes. As an example and not by way of limitation, a first user may indicate that a second user is a “friend” of the first user. In response to this indication, the social-networking system 160 may send a “friend request” to the second user. If the second user confirms the “friend request,” the social-networking system 160 may create an edge 706 connecting the first user's user node 702 to the second user's user node 702 in the social graph 700 and store edge 706 as social-graph information in one or more of data stores 167. In the example of FIG. 7, the social graph 700 includes an edge 706 indicating a friend relation between user nodes 702 of user “A” and user “B” and an edge indicating a friend relation between user nodes 702 of user “C” and user “B.” Although this disclosure describes or illustrates particular edges 706 with particular attributes connecting particular user nodes 702, this disclosure contemplates any suitable edges 706 with any suitable attributes connecting user nodes 702. As an example and not by way of limitation, an edge 706 may represent a friendship, family relationship, business or employment relationship, fan relationship (including, e.g., liking, etc.), follower relationship, visitor relationship (including, e.g., accessing, viewing, checking-in, sharing, etc.), subscriber relationship, superior/subordinate relationship, reciprocal relationship, non-reciprocal relationship, another suitable type of relationship, or two or more such relationships. Moreover, although this disclosure generally describes nodes as being connected, this disclosure also describes users or concepts as being connected. Herein, references to users or concepts being connected may, where appropriate, refer to the nodes corresponding to those users or concepts being connected in the social graph 700 by one or more edges 706.

In particular embodiments, an edge 706 between a user node 702 and a concept node 704 may represent a particular action or activity performed by a user associated with user node 702 toward a concept associated with a concept node 704. As an example and not by way of limitation, as illustrated in FIG. 7, a user may “like,” “attended,” “played,” “listened,” “cooked,” “worked at,” or “watched” a concept, each of which may correspond to an edge type or subtype. A concept-profile interface corresponding to a concept node 704 may include, for example, a selectable “check in” icon (such as, for example, a clickable “check in” icon) or a selectable “add to favorites” icon. Similarly, after a user clicks these icons, the social-networking system 160 may create a “favorite” edge or a “check in” edge in response to a user's action corresponding to a respective action. As another example and not by way of limitation, a user (user “C”) may listen to a particular song (“Imagine”) using a particular application (an online music application). In this case, the social-networking system 160 may create a “listened” edge 706 and a “used” edge (as illustrated in FIG. 7) between user nodes 702 corresponding to the user and concept nodes 704 corresponding to the song and application to indicate that the user listened to the song and used the application. Moreover, the social-networking system 160 may create a “played” edge 706 (as illustrated in FIG. 7) between concept nodes 704 corresponding to the song and the application to indicate that the particular song was played by the particular application. In this case, “played” edge 706 corresponds to an action performed by an external application on an external audio file (the song “Imagine”). Although this disclosure describes particular edges 706 with particular attributes connecting user nodes 702 and concept nodes 704, this disclosure contemplates any suitable edges 706 with any suitable attributes connecting user nodes 702 and concept nodes 704. Moreover, although this disclosure describes edges between a user node 702 and a concept node 704 representing a single relationship, this disclosure contemplates edges between a user node 702 and a concept node 704 representing one or more relationships. As an example and not by way of limitation, an edge 706 may represent both that a user likes and has used at a particular concept. Alternatively, another edge 706 may represent each type of relationship (or multiples of a single relationship) between a user node 702 and a concept node 704 (as illustrated in FIG. 7 between user node 702 for user “E” and concept node 704).

In particular embodiments, the social-networking system 160 may create an edge 706 between a user node 702 and a concept node 704 in the social graph 700. As an example and not by way of limitation, a user viewing a concept-profile interface (such as, for example, by using a web browser or a special-purpose application hosted by the user's client system 130) may indicate that he or she likes the concept represented by the concept node 704 by clicking or selecting a “Like” icon, which may cause the user's client system 130 to send to the social-networking system 160 a message indicating the user's liking of the concept associated with the concept-profile interface. In response to the message, the social-networking system 160 may create an edge 706 between user node 702 associated with the user and concept node 704, as illustrated by “like” edge 706 between the user and concept node 704. In particular embodiments, the social-networking system 160 may store an edge 706 in one or more data stores. In particular embodiments, an edge 706 may be automatically formed by the social-networking system 160 in response to a particular user action. As an example and not by way of limitation, if a first user uploads a picture, watches a movie, or listens to a song, an edge 706 may be formed between user node 702 corresponding to the first user and concept nodes 704 corresponding to those concepts. Although this disclosure describes forming particular edges 706 in particular manners, this disclosure contemplates forming any suitable edges 706 in any suitable manner.

Vector Spaces and Embeddings

FIG. 8 illustrates an example view of a vector space 800. In particular embodiments, an object or an n-gram may be represented in a d-dimensional vector space, where d denotes any suitable number of dimensions. Although the vector space 800 is illustrated as a three-dimensional space, this is for illustrative purposes only, as the vector space 800 may be of any suitable dimension. In particular embodiments, an n-gram may be represented in the vector space 800 as a vector referred to as a term embedding. Each vector may comprise coordinates corresponding to a particular point in the vector space 800 (i.e., the terminal point of the vector). As an example and not by way of limitation, vectors 810, 820, and 830 may be represented as points in the vector space 800, as illustrated in FIG. 8. An n-gram may be mapped to a respective vector representation. As an example and not by way of limitation, n-grams t₁ and t₂ may be mapped to vectors

and

in the vector space 800, respectively, by applying a function

defined by a dictionary, such that

=

(t₁) and

=

(t₂). As another example and not by way of limitation, a dictionary trained to map text to a vector representation may be utilized, or such a dictionary may be itself generated via training. As another example and not by way of limitation, a model, such as Word2vec, may be used to map an n-gram to a vector representation in the vector space 800. In particular embodiments, an n-gram may be mapped to a vector representation in the vector space 800 by using a machine leaning model (e.g., a neural network). The machine learning model may have been trained using a sequence of training data (e.g., a corpus of objects each comprising n-grams).

In particular embodiments, an object may be represented in the vector space 800 as a vector referred to as a feature vector or an object embedding. As an example and not by way of limitation, objects e₁ and e₂ may be mapped to vectors

and

in the vector space 800, respectively, by applying a function

, such that

=

(e₁) and

=

(e₂). In particular embodiments, an object may be mapped to a vector based on one or more properties, attributes, or features of the object, relationships of the object with other objects, or any other suitable information associated with the object. As an example and not by way of limitation, a function

may map objects to vectors by feature extraction, which may start from an initial set of measured data and build derived values (e.g., features). As an example and not by way of limitation, an object comprising a video or an image may be mapped to a vector by using an algorithm to detect or isolate various desired portions or shapes of the object. Features used to calculate the vector may be based on information obtained from edge detection, corner detection, blob detection, ridge detection, scale-invariant feature transformation, edge direction, changing intensity, autocorrelation, motion detection, optical flow, thresholding, blob extraction, template matching, Hough transformation (e.g., lines, circles, ellipses, arbitrary shapes), or any other suitable information. As another example and not by way of limitation, an object comprising audio data may be mapped to a vector based on features such as a spectral slope, a tonality coefficient, an audio spectrum centroid, an audio spectrum envelope, a Mel-frequency cepstrum, or any other suitable information. In particular embodiments, when an object has data that is either too large to be efficiently processed or comprises redundant data, a function

may map the object to a vector using a transformed reduced set of features (e.g., feature selection). In particular embodiments, a function

may map an object e to a vector

(e) based on one or more n-grams associated with object e. Although this disclosure describes representing an n-gram or an object in a vector space in a particular manner, this disclosure contemplates representing an n-gram or an object in a vector space in any suitable manner.

In particular embodiments, the social-networking system 160 may calculate a similarity metric of vectors in vector space 800. A similarity metric may be a cosine similarity, a Minkowski distance, a Mahalanobis distance, a Jaccard similarity coefficient, or any suitable similarity metric. As an example and not by way of limitation, a similarity metric of

and

may be a cosine similarity

$\frac{v_{1}^{\rightharpoonup} \cdot v_{2}^{\rightharpoonup}}{{v_{1}^{\rightharpoonup}}{v_{2}^{\rightharpoonup}}}.$ As another example and not by way of limitation, a similarity metric of

and

may be a Euclidean distance ∥

−

∥. A similarity metric of two vectors may represent how similar the two objects or n-grams corresponding to the two vectors, respectively, are to one another, as measured by the distance between the two vectors in the vector space 800. As an example and not by way of limitation, vector 810 and vector 820 may correspond to objects that are more similar to one another than the objects corresponding to vector 810 and vector 830, based on the distance between the respective vectors. Although this disclosure describes calculating a similarity metric between vectors in a particular manner, this disclosure contemplates calculating a similarity metric between vectors in any suitable manner.

More information on vector spaces, embeddings, feature vectors, and similarity metrics may be found in U.S. patent application Ser. No. 14/949,436, filed 23 Nov. 2015, U.S. patent application Ser. No. 15/286,315, filed 5 Oct. 2016, and U.S. patent application Ser. No. 15/365,789, filed 30 Nov. 2016, each of which is incorporated by reference.

Artificial Neural Networks

FIG. 9 illustrates an example artificial neural network (“ANN”) 900. In particular embodiments, an ANN may refer to a computational model comprising one or more nodes. Example ANN 900 may comprise an input layer 910, hidden layers 920, 930, 960, and an output layer 950. Each layer of the ANN 900 may comprise one or more nodes, such as a node 905 or a node 915. In particular embodiments, each node of an ANN may be connected to another node of the ANN. As an example and not by way of limitation, each node of the input layer 910 may be connected to one of more nodes of the hidden layer 920. In particular embodiments, one or more nodes may be a bias node (e.g., a node in a layer that is not connected to and does not receive input from any node in a previous layer). In particular embodiments, each node in each layer may be connected to one or more nodes of a previous or subsequent layer. Although FIG. 9 depicts a particular ANN with a particular number of layers, a particular number of nodes, and particular connections between nodes, this disclosure contemplates any suitable ANN with any suitable number of layers, any suitable number of nodes, and any suitable connections between nodes. As an example and not by way of limitation, although FIG. 9 depicts a connection between each node of the input layer 910 and each node of the hidden layer 920, one or more nodes of the input layer 910 may not be connected to one or more nodes of the hidden layer 920.

In particular embodiments, an ANN may be a feedforward ANN (e.g., an ANN with no cycles or loops where communication between nodes flows in one direction beginning with the input layer and proceeding to successive layers). As an example and not by way of limitation, the input to each node of the hidden layer 920 may comprise the output of one or more nodes of the input layer 910. As another example and not by way of limitation, the input to each node of the output layer 950 may comprise the output of one or more nodes of the hidden layer 960. In particular embodiments, an ANN may be a deep neural network (e.g., a neural network comprising at least two hidden layers). In particular embodiments, an ANN may be a deep residual network. A deep residual network may be a feedforward ANN comprising hidden layers organized into residual blocks. The input into each residual block after the first residual block may be a function of the output of the previous residual block and the input of the previous residual block. As an example and not by way of limitation, the input into residual block N may be F(x)+x, where F(x) may be the output of residual block N−1, x may be the input into residual block N−1. Although this disclosure describes a particular ANN, this disclosure contemplates any suitable ANN.

In particular embodiments, an activation function may correspond to each node of an ANN. An activation function of a node may define the output of a node for a given input. In particular embodiments, an input to a node may comprise a set of inputs. As an example and not by way of limitation, an activation function may be an identity function, a binary step function, a logistic function, or any other suitable function. As another example and not by way of limitation, an activation function for a node k may be the sigmoid function

${{F_{k}\left( s_{k} \right)} = \frac{1}{1 + e^{- s_{k}}}},$ the hyperbolic tangent function

${{F_{k}\left( s_{k} \right)} = \frac{e^{s_{k}} - e^{- s_{k}}}{e^{s_{k}} + e^{- s_{k}}}},$ the rectifier F_(k)(s_(k))=max(0, s_(k)), or any other suitable function F_(k)(s_(k)), where s_(k) may be the effective input to node k. In particular embodiments, the input of an activation function corresponding to a node may be weighted. Each node may generate output using a corresponding activation function based on weighted inputs. In particular embodiments, each connection between nodes may be associated with a weight. As an example and not by way of limitation, a connection 925 between the node 905 and the node 915 may have a weighting coefficient of 0.4, which may indicate that 0.4 multiplied by the output of the node 905 is used as an input to the node 915. As another example and not by way of limitation, the output y_(k) of node k may be y_(k)=F_(k)(S_(k)), where F_(k) may be the activation function corresponding to node k, s_(k)=Σ_(j) (w_(jk)x_(j)) may be the effective input to node k, x_(j) may be the output of a node j connected to node k, and w_(jk) may be the weighting coefficient between node j and node k. In particular embodiments, the input to nodes of the input layer may be based on a vector representing an object. Although this disclosure describes particular inputs to and outputs of nodes, this disclosure contemplates any suitable inputs to and outputs of nodes. Moreover, although this disclosure may describe particular connections and weights between nodes, this disclosure contemplates any suitable connections and weights between nodes.

In particular embodiments, an ANN may be trained using training data. As an example and not by way of limitation, training data may comprise inputs to the ANN 900 and an expected output. As another example and not by way of limitation, training data may comprise vectors each representing a training object and an expected label for each training object. In particular embodiments, training an ANN may comprise modifying the weights associated with the connections between nodes of the ANN by optimizing an objective function. As an example and not by way of limitation, a training method may be used (e.g., the conjugate gradient method, the gradient descent method, the stochastic gradient descent) to backpropagate the sum-of-squares error measured as a distances between each vector representing a training object (e.g., using a cost function that minimizes the sum-of-squares error). In particular embodiments, an ANN may be trained using a dropout technique. As an example and not by way of limitation, one or more nodes may be temporarily omitted (e.g., receive no input and generate no output) while training. For each training object, one or more nodes of the ANN may have some probability of being omitted. The nodes that are omitted for a particular training object may be different than the nodes omitted for other training objects (e.g., the nodes may be temporarily omitted on an object-by-object basis). Although this disclosure describes training an ANN in a particular manner, this disclosure contemplates training an ANN in any suitable manner.

Privacy

In particular embodiments, one or more objects (e.g., content or other types of objects) of a computing system may be associated with one or more privacy settings. The one or more objects may be stored on or otherwise associated with any suitable computing system or application, such as, for example, a social-networking system 160, a client system 130, an assistant system 140, a third-party system 170, a social-networking application, an assistant application, a messaging application, a photo-sharing application, or any other suitable computing system or application. Although the examples discussed herein are in the context of an online social network, these privacy settings may be applied to any other suitable computing system. Privacy settings (or “access settings”) for an object may be stored in any suitable manner, such as, for example, in association with the object, in an index on an authorization server, in another suitable manner, or any suitable combination thereof. A privacy setting for an object may specify how the object (or particular information associated with the object) can be accessed, stored, or otherwise used (e.g., viewed, shared, modified, copied, executed, surfaced, or identified) within the online social network. When privacy settings for an object allow a particular user or other entity to access that object, the object may be described as being “visible” with respect to that user or other entity. As an example and not by way of limitation, a user of the online social network may specify privacy settings for a user-profile page that identify a set of users that may access work-experience information on the user-profile page, thus excluding other users from accessing that information.

In particular embodiments, privacy settings for an object may specify a “blocked list” of users or other entities that should not be allowed to access certain information associated with the object. In particular embodiments, the blocked list may include third-party entities. The blocked list may specify one or more users or entities for which an object is not visible. As an example and not by way of limitation, a user may specify a set of users who may not access photo albums associated with the user, thus excluding those users from accessing the photo albums (while also possibly allowing certain users not within the specified set of users to access the photo albums). In particular embodiments, privacy settings may be associated with particular social-graph elements. Privacy settings of a social-graph element, such as a node or an edge, may specify how the social-graph element, information associated with the social-graph element, or objects associated with the social-graph element can be accessed using the online social network. As an example and not by way of limitation, a particular concept node 704 corresponding to a particular photo may have a privacy setting specifying that the photo may be accessed only by users tagged in the photo and friends of the users tagged in the photo. In particular embodiments, privacy settings may allow users to opt in to or opt out of having their content, information, or actions stored/logged by the social-networking system 160 or assistant system 140 or shared with other systems (e.g., a third-party system 170). Although this disclosure describes using particular privacy settings in a particular manner, this disclosure contemplates using any suitable privacy settings in any suitable manner.

In particular embodiments, privacy settings may be based on one or more nodes or edges of a social graph 700. A privacy setting may be specified for one or more edges 706 or edge-types of the social graph 700, or with respect to one or more nodes 702, 704 or node-types of the social graph 700. The privacy settings applied to a particular edge 706 connecting two nodes may control whether the relationship between the two entities corresponding to the nodes is visible to other users of the online social network. Similarly, the privacy settings applied to a particular node may control whether the user or concept corresponding to the node is visible to other users of the online social network. As an example and not by way of limitation, a first user may share an object to the social-networking system 160. The object may be associated with a concept node 704 connected to a user node 702 of the first user by an edge 706. The first user may specify privacy settings that apply to a particular edge 706 connecting to the concept node 704 of the object, or may specify privacy settings that apply to all edges 706 connecting to the concept node 704. As another example and not by way of limitation, the first user may share a set of objects of a particular object-type (e.g., a set of images). The first user may specify privacy settings with respect to all objects associated with the first user of that particular object-type as having a particular privacy setting (e.g., specifying that all images posted by the first user are visible only to friends of the first user and/or users tagged in the images).

In particular embodiments, the social-networking system 160 may present a “privacy wizard” (e.g., within a webpage, a module, one or more dialog boxes, or any other suitable interface) to the first user to assist the first user in specifying one or more privacy settings. The privacy wizard may display instructions, suitable privacy-related information, current privacy settings, one or more input fields for accepting one or more inputs from the first user specifying a change or confirmation of privacy settings, or any suitable combination thereof. In particular embodiments, the social-networking system 160 may offer a “dashboard” functionality to the first user that may display, to the first user, current privacy settings of the first user. The dashboard functionality may be displayed to the first user at any appropriate time (e.g., following an input from the first user summoning the dashboard functionality, following the occurrence of a particular event or trigger action). The dashboard functionality may allow the first user to modify one or more of the first user's current privacy settings at any time, in any suitable manner (e.g., redirecting the first user to the privacy wizard).

Privacy settings associated with an object may specify any suitable granularity of permitted access or denial of access. As an example and not by way of limitation, access or denial of access may be specified for particular users (e.g., only me, my roommates, my boss), users within a particular degree-of-separation (e.g., friends, friends-of-friends), user groups (e.g., the gaming club, my family), user networks (e.g., employees of particular employers, students or alumni of particular university), all users (“public”), no users (“private”), users of third-party systems 170, particular applications (e.g., third-party applications, external websites), other suitable entities, or any suitable combination thereof. Although this disclosure describes particular granularities of permitted access or denial of access, this disclosure contemplates any suitable granularities of permitted access or denial of access.

In particular embodiments, one or more servers 162 may be authorization/privacy servers for enforcing privacy settings. In response to a request from a user (or other entity) for a particular object stored in a data store 164, the social-networking system 160 may send a request to the data store 164 for the object. The request may identify the user associated with the request and the object may be sent only to the user (or a client system 130 of the user) if the authorization server determines that the user is authorized to access the object based on the privacy settings associated with the object. If the requesting user is not authorized to access the object, the authorization server may prevent the requested object from being retrieved from the data store 164 or may prevent the requested object from being sent to the user. In the search-query context, an object may be provided as a search result only if the querying user is authorized to access the object, e.g., if the privacy settings for the object allow it to be surfaced to, discovered by, or otherwise visible to the querying user. In particular embodiments, an object may represent content that is visible to a user through a newsfeed of the user. As an example and not by way of limitation, one or more objects may be visible to a user's “Trending” page. In particular embodiments, an object may correspond to a particular user. The object may be content associated with the particular user, or may be the particular user's account or information stored on the social-networking system 160, or other computing system. As an example and not by way of limitation, a first user may view one or more second users of an online social network through a “People You May Know” function of the online social network, or by viewing a list of friends of the first user. As an example and not by way of limitation, a first user may specify that they do not wish to see objects associated with a particular second user in their newsfeed or friends list. If the privacy settings for the object do not allow it to be surfaced to, discovered by, or visible to the user, the object may be excluded from the search results. Although this disclosure describes enforcing privacy settings in a particular manner, this disclosure contemplates enforcing privacy settings in any suitable manner.

In particular embodiments, different objects of the same type associated with a user may have different privacy settings. Different types of objects associated with a user may have different types of privacy settings. As an example and not by way of limitation, a first user may specify that the first user's status updates are public, but any images shared by the first user are visible only to the first user's friends on the online social network. As another example and not by way of limitation, a user may specify different privacy settings for different types of entities, such as individual users, friends-of-friends, followers, user groups, or corporate entities. As another example and not by way of limitation, a first user may specify a group of users that may view videos posted by the first user, while keeping the videos from being visible to the first user's employer. In particular embodiments, different privacy settings may be provided for different user groups or user demographics. As an example and not by way of limitation, a first user may specify that other users who attend the same university as the first user may view the first user's pictures, but that other users who are family members of the first user may not view those same pictures.

In particular embodiments, the social-networking system 160 may provide one or more default privacy settings for each object of a particular object-type. A privacy setting for an object that is set to a default may be changed by a user associated with that object. As an example and not by way of limitation, all images posted by a first user may have a default privacy setting of being visible only to friends of the first user and, for a particular image, the first user may change the privacy setting for the image to be visible to friends and friends-of-friends.

In particular embodiments, privacy settings may allow a first user to specify (e.g., by opting out, by not opting in) whether the social-networking system 160 or assistant system 140 may receive, collect, log, or store particular objects or information associated with the user for any purpose. In particular embodiments, privacy settings may allow the first user to specify whether particular applications or processes may access, store, or use particular objects or information associated with the user. The privacy settings may allow the first user to opt in or opt out of having objects or information accessed, stored, or used by specific applications or processes. The social-networking system 160 or assistant system 140 may access such information in order to provide a particular function or service to the first user, without the social-networking system 160 or assistant system 140 having access to that information for any other purposes. Before accessing, storing, or using such objects or information, the social-networking system 160 or assistant system 140 may prompt the user to provide privacy settings specifying which applications or processes, if any, may access, store, or use the object or information prior to allowing any such action. As an example and not by way of limitation, a first user may transmit a message to a second user via an application related to the online social network (e.g., a messaging app), and may specify privacy settings that such messages should not be stored by the social-networking system 160 or assistant system 140.

In particular embodiments, a user may specify whether particular types of objects or information associated with the first user may be accessed, stored, or used by the social-networking system 160 or assistant system 140. As an example and not by way of limitation, the first user may specify that images sent by the first user through the social-networking system 160 or assistant system 140 may not be stored by the social-networking system 160 or assistant system 140. As another example and not by way of limitation, a first user may specify that messages sent from the first user to a particular second user may not be stored by the social-networking system 160 or assistant system 140. As yet another example and not by way of limitation, a first user may specify that all objects sent via a particular application may be saved by the social-networking system 160 or assistant system 140.

In particular embodiments, privacy settings may allow a first user to specify whether particular objects or information associated with the first user may be accessed from particular client systems 130 or third-party systems 170. The privacy settings may allow the first user to opt in or opt out of having objects or information accessed from a particular device (e.g., the phone book on a user's smart phone), from a particular application (e.g., a messaging app), or from a particular system (e.g., an email server). The social-networking system 160 or assistant system 140 may provide default privacy settings with respect to each device, system, or application, and/or the first user may be prompted to specify a particular privacy setting for each context. As an example and not by way of limitation, the first user may utilize a location-services feature of the social-networking system 160 or assistant system 140 to provide recommendations for restaurants or other places in proximity to the user. The first user's default privacy settings may specify that the social-networking system 160 or assistant system 140 may use location information provided from a client device 130 of the first user to provide the location-based services, but that the social-networking system 160 or assistant system 140 may not store the location information of the first user or provide it to any third-party system 170. The first user may then update the privacy settings to allow location information to be used by a third-party image-sharing application in order to geo-tag photos.

In particular embodiments, privacy settings may allow a user to specify one or more geographic locations from which objects can be accessed. Access or denial of access to the objects may depend on the geographic location of a user who is attempting to access the objects. As an example and not by way of limitation, a user may share an object and specify that only users in the same city may access or view the object. As another example and not by way of limitation, a first user may share an object and specify that the object is visible to second users only while the first user is in a particular location. If the first user leaves the particular location, the object may no longer be visible to the second users. As another example and not by way of limitation, a first user may specify that an object is visible only to second users within a threshold distance from the first user. If the first user subsequently changes location, the original second users with access to the object may lose access, while a new group of second users may gain access as they come within the threshold distance of the first user.

In particular embodiments, the social-networking system 160 or assistant system 140 may have functionalities that may use, as inputs, personal or biometric information of a user for user-authentication or experience-personalization purposes. A user may opt to make use of these functionalities to enhance their experience on the online social network. As an example and not by way of limitation, a user may provide personal or biometric information to the social-networking system 160 or assistant system 140. The user's privacy settings may specify that such information may be used only for particular processes, such as authentication, and further specify that such information may not be shared with any third-party system 170 or used for other processes or applications associated with the social-networking system 160 or assistant system 140. As another example and not by way of limitation, the social-networking system 160 may provide a functionality for a user to provide voice-print recordings to the online social network. As an example and not by way of limitation, if a user wishes to utilize this function of the online social network, the user may provide a voice recording of his or her own voice to provide a status update on the online social network. The recording of the voice-input may be compared to a voice print of the user to determine what words were spoken by the user. The user's privacy setting may specify that such voice recording may be used only for voice-input purposes (e.g., to authenticate the user, to send voice messages, to improve voice recognition in order to use voice-operated features of the online social network), and further specify that such voice recording may not be shared with any third-party system 170 or used by other processes or applications associated with the social-networking system 160. As another example and not by way of limitation, the social-networking system 160 may provide a functionality for a user to provide a reference image (e.g., a facial profile, a retinal scan) to the online social network. The online social network may compare the reference image against a later-received image input (e.g., to authenticate the user, to tag the user in photos). The user's privacy setting may specify that such voice recording may be used only for a limited purpose (e.g., authentication, tagging the user in photos), and further specify that such voice recording may not be shared with any third-party system 170 or used by other processes or applications associated with the social-networking system 160.

Systems and Methods

FIG. 10 illustrates an example computer system 1000. In particular embodiments, one or more computer systems 1000 perform one or more steps of one or more methods described or illustrated herein. In particular embodiments, one or more computer systems 1000 provide functionality described or illustrated herein. In particular embodiments, software running on one or more computer systems 1000 performs one or more steps of one or more methods described or illustrated herein or provides functionality described or illustrated herein. Particular embodiments include one or more portions of one or more computer systems 1000. Herein, reference to a computer system may encompass a computing device, and vice versa, where appropriate. Moreover, reference to a computer system may encompass one or more computer systems, where appropriate.

This disclosure contemplates any suitable number of computer systems 1000. This disclosure contemplates computer system 1000 taking any suitable physical form. As example and not by way of limitation, computer system 1000 may be an embedded computer system, a system-on-chip (SOC), a single-board computer system (SBC) (such as, for example, a computer-on-module (COM) or system-on-module (SOM)), a desktop computer system, a laptop or notebook computer system, an interactive kiosk, a mainframe, a mesh of computer systems, a mobile telephone, a personal digital assistant (PDA), a server, a tablet computer system, or a combination of two or more of these. Where appropriate, computer system 1000 may include one or more computer systems 1000; be unitary or distributed; span multiple locations; span multiple machines; span multiple data centers; or reside in a cloud, which may include one or more cloud components in one or more networks. Where appropriate, one or more computer systems 1000 may perform without substantial spatial or temporal limitation one or more steps of one or more methods described or illustrated herein. As an example and not by way of limitation, one or more computer systems 1000 may perform in real time or in batch mode one or more steps of one or more methods described or illustrated herein. One or more computer systems 1000 may perform at different times or at different locations one or more steps of one or more methods described or illustrated herein, where appropriate.

In particular embodiments, computer system 1000 includes a processor 1002, memory 1004, storage 1006, an input/output (I/O) interface 1008, a communication interface 1010, and a bus 1012. Although this disclosure describes and illustrates a particular computer system having a particular number of particular components in a particular arrangement, this disclosure contemplates any suitable computer system having any suitable number of any suitable components in any suitable arrangement.

In particular embodiments, processor 1002 includes hardware for executing instructions, such as those making up a computer program. As an example and not by way of limitation, to execute instructions, processor 1002 may retrieve (or fetch) the instructions from an internal register, an internal cache, memory 1004, or storage 1006; decode and execute them; and then write one or more results to an internal register, an internal cache, memory 1004, or storage 1006. In particular embodiments, processor 1002 may include one or more internal caches for data, instructions, or addresses. This disclosure contemplates processor 1002 including any suitable number of any suitable internal caches, where appropriate. As an example and not by way of limitation, processor 1002 may include one or more instruction caches, one or more data caches, and one or more translation lookaside buffers (TLBs). Instructions in the instruction caches may be copies of instructions in memory 1004 or storage 1006, and the instruction caches may speed up retrieval of those instructions by processor 1002. Data in the data caches may be copies of data in memory 1004 or storage 1006 for instructions executing at processor 1002 to operate on; the results of previous instructions executed at processor 1002 for access by subsequent instructions executing at processor 1002 or for writing to memory 1004 or storage 1006; or other suitable data. The data caches may speed up read or write operations by processor 1002. The TLBs may speed up virtual-address translation for processor 1002. In particular embodiments, processor 1002 may include one or more internal registers for data, instructions, or addresses. This disclosure contemplates processor 1002 including any suitable number of any suitable internal registers, where appropriate. Where appropriate, processor 1002 may include one or more arithmetic logic units (ALUs); be a multi-core processor; or include one or more processors 1002. Although this disclosure describes and illustrates a particular processor, this disclosure contemplates any suitable processor.

In particular embodiments, memory 1004 includes main memory for storing instructions for processor 1002 to execute or data for processor 1002 to operate on. As an example and not by way of limitation, computer system 1000 may load instructions from storage 1006 or another source (such as, for example, another computer system 1000) to memory 1004. Processor 1002 may then load the instructions from memory 1004 to an internal register or internal cache. To execute the instructions, processor 1002 may retrieve the instructions from the internal register or internal cache and decode them. During or after execution of the instructions, processor 1002 may write one or more results (which may be intermediate or final results) to the internal register or internal cache. Processor 1002 may then write one or more of those results to memory 1004. In particular embodiments, processor 1002 executes only instructions in one or more internal registers or internal caches or in memory 1004 (as opposed to storage 1006 or elsewhere) and operates only on data in one or more internal registers or internal caches or in memory 1004 (as opposed to storage 1006 or elsewhere). One or more memory buses (which may each include an address bus and a data bus) may couple processor 1002 to memory 1004. Bus 1012 may include one or more memory buses, as described below. In particular embodiments, one or more memory management units (MMUs) reside between processor 1002 and memory 1004 and facilitate accesses to memory 1004 requested by processor 1002. In particular embodiments, memory 1004 includes random access memory (RAM). This RAM may be volatile memory, where appropriate. Where appropriate, this RAM may be dynamic RAM (DRAM) or static RAM (SRAM). Moreover, where appropriate, this RAM may be single-ported or multi-ported RAM. This disclosure contemplates any suitable RAM. Memory 1004 may include one or more memories 1004, where appropriate. Although this disclosure describes and illustrates particular memory, this disclosure contemplates any suitable memory.

In particular embodiments, storage 1006 includes mass storage for data or instructions. As an example and not by way of limitation, storage 1006 may include a hard disk drive (HDD), a floppy disk drive, flash memory, an optical disc, a magneto-optical disc, magnetic tape, or a Universal Serial Bus (USB) drive or a combination of two or more of these. Storage 1006 may include removable or non-removable (or fixed) media, where appropriate. Storage 1006 may be internal or external to computer system 1000, where appropriate. In particular embodiments, storage 1006 is non-volatile, solid-state memory. In particular embodiments, storage 1006 includes read-only memory (ROM). Where appropriate, this ROM may be mask-programmed ROM, programmable ROM (PROM), erasable PROM (EPROM), electrically erasable PROM (EEPROM), electrically alterable ROM (EAROM), or flash memory or a combination of two or more of these. This disclosure contemplates mass storage 1006 taking any suitable physical form. Storage 1006 may include one or more storage control units facilitating communication between processor 1002 and storage 1006, where appropriate. Where appropriate, storage 1006 may include one or more storages 1006. Although this disclosure describes and illustrates particular storage, this disclosure contemplates any suitable storage.

In particular embodiments, I/O interface 1008 includes hardware, software, or both, providing one or more interfaces for communication between computer system 1000 and one or more I/O devices. Computer system 1000 may include one or more of these I/O devices, where appropriate. One or more of these I/O devices may enable communication between a person and computer system 1000. As an example and not by way of limitation, an I/O device may include a keyboard, keypad, microphone, monitor, mouse, printer, scanner, speaker, still camera, stylus, tablet, touch screen, trackball, video camera, another suitable I/O device or a combination of two or more of these. An I/O device may include one or more sensors. This disclosure contemplates any suitable I/O devices and any suitable I/O interfaces 1008 for them. Where appropriate, I/O interface 1008 may include one or more device or software drivers enabling processor 1002 to drive one or more of these I/O devices. I/O interface 1008 may include one or more I/O interfaces 1008, where appropriate. Although this disclosure describes and illustrates a particular I/O interface, this disclosure contemplates any suitable I/O interface.

In particular embodiments, communication interface 1010 includes hardware, software, or both providing one or more interfaces for communication (such as, for example, packet-based communication) between computer system 1000 and one or more other computer systems 1000 or one or more networks. As an example and not by way of limitation, communication interface 1010 may include a network interface controller (NIC) or network adapter for communicating with an Ethernet or other wire-based network or a wireless NIC (WNIC) or wireless adapter for communicating with a wireless network, such as a WI-FI network. This disclosure contemplates any suitable network and any suitable communication interface 1010 for it. As an example and not by way of limitation, computer system 1000 may communicate with an ad hoc network, a personal area network (PAN), a local area network (LAN), a wide area network (WAN), a metropolitan area network (MAN), or one or more portions of the Internet or a combination of two or more of these. One or more portions of one or more of these networks may be wired or wireless. As an example, computer system 1000 may communicate with a wireless PAN (WPAN) (such as, for example, a BLUETOOTH WPAN), a WI-FI network, a WI-MAX network, a cellular telephone network (such as, for example, a Global System for Mobile Communications (GSM) network), or other suitable wireless network or a combination of two or more of these. Computer system 1000 may include any suitable communication interface 1010 for any of these networks, where appropriate. Communication interface 1010 may include one or more communication interfaces 1010, where appropriate. Although this disclosure describes and illustrates a particular communication interface, this disclosure contemplates any suitable communication interface.

In particular embodiments, bus 1012 includes hardware, software, or both coupling components of computer system 1000 to each other. As an example and not by way of limitation, bus 1012 may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a front-side bus (FSB), a HYPERTRANSPORT (HT) interconnect, an Industry Standard Architecture (ISA) bus, an INFINIBAND interconnect, a low-pin-count (LPC) bus, a memory bus, a Micro Channel Architecture (MCA) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCIe) bus, a serial advanced technology attachment (SATA) bus, a Video Electronics Standards Association local (VLB) bus, or another suitable bus or a combination of two or more of these. Bus 1012 may include one or more buses 1012, where appropriate. Although this disclosure describes and illustrates a particular bus, this disclosure contemplates any suitable bus or interconnect.

Herein, a computer-readable non-transitory storage medium or media may include one or more semiconductor-based or other integrated circuits (ICs) (such, as for example, field-programmable gate arrays (FPGAs) or application-specific ICs (ASICs)), hard disk drives (HDDs), hybrid hard drives (HHDs), optical discs, optical disc drives (ODDs), magneto-optical discs, magneto-optical drives, floppy diskettes, floppy disk drives (FDDs), magnetic tapes, solid-state drives (SSDs), RAM-drives, SECURE DIGITAL cards or drives, any other suitable computer-readable non-transitory storage media, or any suitable combination of two or more of these, where appropriate. A computer-readable non-transitory storage medium may be volatile, non-volatile, or a combination of volatile and non-volatile, where appropriate.

Miscellaneous

Herein, “or” is inclusive and not exclusive, unless expressly indicated otherwise or indicated otherwise by context. Therefore, herein, “A or B” means “A, B, or both,” unless expressly indicated otherwise or indicated otherwise by context. Moreover, “and” is both joint and several, unless expressly indicated otherwise or indicated otherwise by context. Therefore, herein, “A and B” means “A and B, jointly or severally,” unless expressly indicated otherwise or indicated otherwise by context.

The scope of this disclosure encompasses all changes, substitutions, variations, alterations, and modifications to the example embodiments described or illustrated herein that a person having ordinary skill in the art would comprehend. The scope of this disclosure is not limited to the example embodiments described or illustrated herein. Moreover, although this disclosure describes and illustrates respective embodiments herein as including particular components, elements, feature, functions, operations, or steps, any of these embodiments may include any combination or permutation of any of the components, elements, features, functions, operations, or steps described or illustrated anywhere herein that a person having ordinary skill in the art would comprehend. Furthermore, reference in the appended claims to an apparatus or system or a component of an apparatus or system being adapted to, arranged to, capable of, configured to, enabled to, operable to, or operative to perform a particular function encompasses that apparatus, system, component, whether or not it or that particular function is activated, turned on, or unlocked, as long as that apparatus, system, or component is so adapted, arranged, capable, configured, enabled, operable, or operative. Additionally, although this disclosure describes or illustrates particular embodiments as providing particular advantages, particular embodiments may provide none, some, or all of these advantages. 

What is claimed is:
 1. A method comprising, by one or more computing systems: receiving a first audio input from a user requesting access to information or a service; determining that the user is to be authenticated prior to accessing the information or service; sending a request for the information or service to an authentication server, wherein the request includes first authentication information based on the first audio input and further includes a user identifier associated with the user; receiving a second audio input from a client system of the user, wherein the second audio input includes a first authentication code to be compared to a second authentication code generated by the authentication server; sending second authentication information based on the second audio input and the user identifier to the authentication server for verification; receiving, from the authentication server, an indication of whether the user is successfully authenticated based on the second authentication information; and providing, to the user, access to the information or service when the user is successfully authenticated.
 2. The method of claim 1, wherein the first authentication information includes at least a portion of the first audio input.
 3. The method of claim 1, wherein the first authentication information includes an intent identifier based on the first audio input.
 4. The method of claim 1, wherein the second authentication information includes the first authentication code.
 5. The method of claim 1, further comprising, by the authentication server: receiving the first authentication information from the one or more computing systems; generating the second authentication code based on the user identifier; and sending the second authentication code to the client system of the user.
 6. The method of claim 5, wherein the second authentication code is further based on the first authentication information.
 7. The method of claim 5, wherein the second authentication code expires after a predetermined time limit.
 8. The method of claim 5, further comprising, by the authentication server: generating audio data comprising an audio representation of the second authentication code.
 9. The method of claim 5, further comprising, by the authentication server: sending, to the computing systems, instructions to audibly prompt the user to confirm the request for access to the information or service.
 10. The method of claim 5, further comprising, by the authentication server: sending, to the client system of the user, instructions to display a prompt to confirm the request for access to the information or service.
 11. The method of claim 10, further comprising, by the client system of the user: displaying a prompt requesting the user to confirm the request for access to the information or service, wherein displaying the prompt is in response to receiving, from the authentication server, the instructions to display the prompt; receiving input from the user responsive to the prompt; generating audio data comprising an encoding of the second authentication code in an audio format; and playing, via an audio output device, the audio data comprising the audio representation of the second authentication code.
 12. The method of claim 11, wherein the encoding of the second authentication code is at a frequency inaudible to human hearing.
 13. The method of claim 11, wherein the encoding of the second authentication code is generated based on a translation of the second authentication code to speech using a text-to-speech translator.
 14. The method of claim 5, further comprising, by the authentication server: receiving the second authentication information and the user identifier; extracting the first authentication code from the second authentication information; determining whether the extracted first authentication code corresponds to the second authentication code, wherein the second authentication code is identified based on the user identifier; and sending, to the one or more computer systems, an indication that the user is successfully authenticated when the extracted first authentication code corresponds to the second authentication code.
 15. The method of claim 14, wherein the second authentication information comprises a numeric encoding of the second audio input, and extracting the first authentication code from the second authentication information comprises decoding the numeric encoding to form the first authentication code.
 16. The method of claim 14, wherein the second audio input comprises an audio encoding of the first authentication code, and extracting the first authentication code from the second authentication information comprises decoding the audio encoding using an audio-to-code mapping.
 17. The method of claim 14, wherein the second audio input comprises an audio encoding of a speech that represents the first authentication code, and extracting the first authentication code from the second authentication information comprises decoding the audio encoding using speech recognition.
 18. One or more computer-readable non-transitory storage media embodying software that is operable when executed to: receive a first audio input from a user requesting access to information or a service; determine that the user is to be authenticated prior to accessing the information or service; send a request for the information or service to an authentication server, wherein the request includes first authentication information based on the first audio input and further includes a user identifier associated with the user; receive a second audio input from a client system of the user, wherein the second audio input includes a first authentication code to be compared to a second authentication code generated by the authentication server; send second authentication information based on the second audio input and the user identifier to the authentication server for verification; receive, from the authentication server, an indication of whether the user is successfully authenticated based on the second authentication information; and provide, to the user, access to the information or service when the user is successfully authenticated.
 19. A system comprising: one or more processors; and a non-transitory memory coupled to the processors comprising instructions executable by the processors, the processors operable when executing the instructions to: receive a first audio input from a user requesting access to information or a service; determine that the user is to be authenticated prior to accessing the information or service; send a request for the information or service to an authentication server, wherein the request includes first authentication information based on the first audio input and further includes a user identifier associated with the user; receive a second audio input from a client system of the user, wherein the second audio input includes a first authentication code to be compared to a second authentication code generated by the authentication server; send second authentication information based on the second audio input and the user identifier to the authentication server for verification; receive, from the authentication server, an indication of whether the user is successfully authenticated based on the second authentication information; and provide, to the user, access to the information or service when the user is successfully authenticated. 